_NSAKEY kwaba variable igama zatholakala e Windows NT 4 SP5 ngo-1999 ngu-Andrew D. Fernandes ka Cryptonym Corporation.Ukuhluka bekuqukethe ukhiye womphakathi ongu-1024-bit; okhiye abanjalo basetshenziswa ekubetheni okhiye womphakathi kokubethela nokuqinisekisa.Ngenxa yaleli gama, noma kunjalo, kwakucatshangwa ukuthi ukhiye uzovumela i-United States National Security Agency (NSA) ukuthi ichithe noma yikuphi ukuphepha komsebenzisi weWindows.IMicrosoft yakuphika ukuqagela yathi igama lokhiye livela ekutheni i-NSA yayiyigunya lokubuyekeza ubuchwepheshe kwezilawuli zokuthumela i-cryptography zase-US .
IMicrosoft idinga wonke amasudi we-cryptography asebenzisana ne- Microsoft Windows ukuze abe nesiginesha yedijithali.Njengoba kungamakhompiyutha avunyelwe yiMicrosoft kuphela angathunyelwa ngeWindows, kungenzeka ukugcina amakhophi wokuthumela ngaphandle kwalolu hlelo lokusebenza ngokuhambisana neMithetho Yokulawulwa Kwempahla Ephumayo (EAR), ephoqelelwa yi- Bureau of Industry and Security (BIS).
Ngesikhathi sethulwa engqungqutheleni yeComputer, Freedom and Privacy 2000 (CFP2000), uDuncan Campbell, umcwaningi omkhulu e- Electronic Privacy Information Center (EPIC), ubalule impikiswano ye-_NSAKEY njengesibonelo sendaba evelele ehlobene nokuphepha nokuqashwa.
Ngaphezu kwalokho, uDkt Nicko van Someren wathola ukhiye wesithathu ku-Windows 2000, ayengabaza ukuthi unenhloso esemthethweni, futhi wamemezela ukuthi "Kubukeka kunenhlanzi".
IMicrosoft yakuphika ukuqagela kwangaphandle ku _NSAKEY yathi "Lokhu kuqagela kuyindida kwazise iMicrosoft ibiphikisana njalo neziphakamiso ezahlukahlukene zokuphakanyiswa kwezimali zokuhlongozwa kwabantu nguhulumeni."Ngokusho kweMicrosoft, uphawu lokhiye kwakungu "_NSAKEY" ngoba i-NSA kwakuyigunya lobuchwepheshe lobuchwepheshe bezilawuli zokuthumela i-cryptography e-US, kanti ukhiye waqinisekisa ukuthobela imithetho yase-US yokuthumela ngaphandle.
AbakwaMicrosoft bathi ukhiye wesithathu ubukwakhiwa kwe-beta kuphela kweWindows 2000 nokuthi inhloso yayo bekuwukusayina abahlinzeki benkonzo ye-Cryptographic .
I -Mozilla ikhasi ngemibuzo evamile ku indlela yokubhala efihla incazelo ukhuluma:
Empeleni kungenzeka ngaphansi kwezimo ezithile ukuthola ilayisense yokuthumela ngaphandle isoftware esebenzisa imisebenzi ye-cryptographic nge-API.Isibonelo, ukuqaliswa kweMicrosoft kwemininingwane ye-Microsoft Cryptographic API (CryptoAPI) kuvunyelwe ukuthunyelwa ngaphandle kusuka e-US, noma ngabe isebenzisa i-API lapho abantu besithathu, kufaka phakathi abantu besithathu abangaphandle kwe-US, bangeza amamojuli ahlukile ("Abahlinzeki Bezinsizakalo ze-Cryptographic" noma ama-CSPs) enza ukusebenza kwe-cryptographic.Lokhu kuvunyelwa ukuthekelisa kwenzeka kwenzeka ngenxa yokuthi a) ukuqaliswa kwe-CryptoAPI kudinga ukuthi ama-CSP wesithathu asayinwe ngokwamanani yi-Microsoft futhi anqabe imizamo yokubiza ama-CSP angasayiniwe kangako; b) ngale nqubo yokusayina iMicrosoft ingaqinisekisa ukuhambisana nemithetho efanele yokulawulwa kokuthekelisa yase-US (isib. futhi c) Ukusetshenziswa kwe-Microsoft kwe-CryptoAPI kutholakala kuphela ngendlela ephathekayo, ngakho-ke kucatshangwa ukuthi kungamelana kahle nokuphazanyiswa ngumsebenzisi ukukhubaza isheke lesiginesha ye-CSP.
IMicrosoft ithe ukhiye wesibili ukhona njengesipele sokuvikela ukuthi kungenzeka ulahlekelwe ukhiye oyimfihlo oyinhloko.UFernandes uyayingabaza le ncazelo, ekhomba ukuthi indlela eyamukelwa ngokujwayelekile yokuqapha ukulahleka kokhiye oyimfihlo ukuhlukanisa imfihlo, okungahlukanisa ukhiye ube izingxenye ezahlukahlukene, ezizobe zisatshalaliswa kubaphathi abaphezulu.Uthe lokhu kuzoba namandla kakhulu kunokusebenzisa okhiye ababili; uma ukhiye wesibili ulahlekile futhi, iMicrosoft izodinga ukumaka noma ukuthuthukisa wonke amakhophi eWindows emhlabeni, kanye nayo yonke imodyuli ye-cryptographic eyake yasayina. Bekungenzeka ukuthi kususwe i- _NSAKEY yesibili.
Kukhona izindaba ezinhle phakathi kwababi, noma kunjalo.Kuvela ukuthi kunephutha endleleni okwenziwa ngayo ukusebenza kwe- "crypto_verify". Ngenxa yendlela ukuqinisekiswa kwe-crypto kwenzeka ngayo, abasebenzisi bangaqeda kalula noma bashintshe ukhiye we-NSA ohlelweni lokusebenza ngaphandle kokushintsha noma yiziphi izingxenye zokuqala zeMicrosoft.Njengoba ukhiye we-NSA ushintshwa kalula, kusho ukuthi izinkampani okungezona ezase-US zikhululekile ukufaka izinsiza "eziqinile" ze-crypto kuWindows, ngaphandle kwemvume kaMicrosoft noma yeNSA.Ngakho-ke i-NSA isuse ngempumelelo ukulawula okuthekelisa kwe- "strong" crypto ku-Windows.Uhlelo lokubonisa oluthatha indawo yokhiye we-NSA lungatholakala kuwebhusayithi ye-Cryptonym.
NgoSepthemba 1999, umcwaningi ongaziwa wahlehlisa kabusha ukhiye oyinhloko kanye ne- _NSAKEY kufomethi ehambelana ne-PGP futhi wayishicilela kumaseva abalulekile .
Type Bits/KeyID Date User ID pub 1024/346B5095 1999/09/06 Microsoft's CAPI key <postmaster@microsoft.com> -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i mQCPAzfTc8YAAAEEALJz4nepw3XHC7dJPlKws2li6XZiatYJujG+asysEvHz2mwY 2WlRggxFfHtMSJO9FJ3ieaOfbskm01RNs0kfoumvG/gmCzsPut1py9d7KAEpJXEb F8C4d+r32p0C3V+FcoVOXJDpsQz7rq+Lj+HfUEe8GIKaUxSZu/SegCE0a1CVABEB AAG0L01pY3Jvc29mdCdzIENBUEkga2V5IDxwb3N0bWFzdGVyQG1pY3Jvc29mdC5j b20+iQEVAwUQN9Nz5j57yqgoskVRAQFr/gf8DGm1hAxWBmx/0bl4m0metM+IM39J yI5mub0ie1HRLExP7lVJezBTyRryV3tDv6U3OIP+KZDthdXb0fmGU5z+wHt34Uzu xl6Q7m7oB76SKfNaWgosZxqkE5YQrXXGsn3oVZhV6yBALekWtsdVaSmG8+IJNx+n NvMTYRUz+MdrRFcEFDhFntblI8NlQenlX6CcnnfOkdR7ZKyPbVoSXW/Z6q7U9REJ TSjBT0swYbHX+3EVt8n2nwxWb2ouNmnm9H2gYfXHikhXrwtjK2aG/3J7k6EVxS+m Rp+crFOB32sTO1ib2sr7GY7CZUwOpDqRxo8KmQZyhaZqz1x6myurXyw3Tg== =ms8C -----END PGP PUBLIC KEY BLOCK-----
Type Bits/KeyID Date User ID pub 1024/51682D1F 1999/09/06 NSA's Microsoft CAPI key <postmaster@nsa.gov> -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i mQCPAzfTdH0AAAEEALqOFf7jzRYPtHz5PitNhCYVryPwZZJk2B7cNaJ9OqRQiQoi e1YdpAH/OQh3HSQ/butPnjUZdukPB/0izQmczXHoW5f1Q5rbFy0y1xy2bCbFsYij 4ReQ7QHrMb8nvGZ7OW/YKDCX2LOGnMdRGjSW6CmjK7rW0veqfoypgF1RaC0fABEB AAG0LU5TQSdzIE1pY3Jvc29mdCBDQVBJIGtleSA8cG9zdG1hc3RlckBuc2EuZ292 PokBFQMFEDfTdJE+e8qoKLJFUQEBHnsH/ihUe7oq6DhU1dJjvXWcYw6p1iW+0euR YfZjwpzPotQ8m5rC7FrJDUbgqQjoFDr++zN9kD9bjNPVUx/ZjCvSFTNu/5X1qn1r it7IHU/6Aem1h4Bs6KE5MPpjKRxRkqQjbW4f0cgXg6+LV+V9cNMylZHRef3PZCQa 5DOI5crQ0IWyjQCt9br07BL9C3X5WHNNRsRIr9WiVfPK8eyxhNYl/NiH2GzXYbNe UWjaS2KuJNVvozjxGymcnNTwJltZK4RLZxo05FW2InJbtEfMc+m823vVltm9l/f+ n2iYBAaDs6I/0v2AcVKNy19Cjncc3wQZkaiIYqfPZL19kT8vDNGi9uE= =PhHT -----END PGP PUBLIC KEY BLOCK-----