Does microsoft give private keys uploaded to azure?
Does it give the originally encrypted pfx file (with the identified password), or the decrypted content?
Does microsoft grant nsa access to the vm (for placement of spying tools, etc.) or changing ssl ciphersuite group policy?
Are deleted images and deleted storage blocks delivered?
Does the azure fabric enable ssl to be offloaded to the loadbalancer pool?
Let’s say a court order required elements of the above. Could microsoft comply? Is i t allowed to lie to a court (or give sealed response) to protect the nsa side capabilities?
Now the questions for microsoft cloud extend beyond that particular platform. They extend to any ISP, service provider, communications provider, or similar. And, we recall JUST how sensitive the larger firms were to being outed on using “common language” of denial. we need to follow up just “how come” the language was synced. That is, WHAT IS THE FORUM they used (and how much involvement does it have with US government entities in this case or in other cases within the scope of the forum)?
Lets see transparency at work… (or is it all just a big Google sham, or PR value)? Lets watch how they cover this one – in some mock privacy or scoping rules (that deny transparency).