Hi,

Microsoft signs it's cryptographic service provider (csp) dlls with a private key. advapi32 will only load csp dlls with a valid signature. We will never be able to implement this, since this would mean having access to Microsoft's private keys. Above this, Microsofts scheme doesn't give real security, since there are instructions on the web to replace advapi32's _NSAKEY with an arbitrary private key (this is if you have write access to advapi32.dll), allowing you to load a csp signed by yourself.

I would like to remove the (stubbed) signature checking code from advapi32. This would clean up advapi32 somewhat and remove a FIXME message, which bothers me for some time and which confused wine users in at least two occurences.

Comments anyone?

Bye,