Maybe this is just a 0.0001% thing, but it always seems to happen to me.

Over the weekend I was investigating the whole authenticode thing, I just needed a simple method for testing signed exe's under win9x thru XP. Looking at MSDN, it directs me to WinVerifyTrust in WINTRUST.DLL. Unfortunately msdn also reports that it's available only under WinNT/2k/XP.

Thus my search began - and was quickly answered by CAPICOM.DLL, a redistributable that's available for Win9x thru XP! It's a com library that exposes a large number of interfaces for managing authenticode signatures. The most important of which is the ability to check the signature of a signed file!

Unfortunately ALL the links on msdn to get the redistributable are dead. In a few places it's mentioned that it was moved to the platform sdk - but that's only a half truth: the platform sdk includes source samples and not the redistrib!

When I went to the QA lab to start digging thru the msdn archives, I got a random thought "what if msdn is a lying bitch? It's not like it's never been inaccurate".
So I turned on the oldest Win9x box I could find - win98.
I did a search for WINTRUST.DLL
I found it in the windows directory
and I sent it to my main workstation
Would you believe that it not only has "WinVerifyTrust" it also has "WinVerifyTrustEx".

This leads me to a single, unwaivering conclusion: MSDN's level of accuracy is similar in spirit to that of the hitchhikers guide to the galaxy. Which in my technical world that requires highly accurate API documentation - does indeed make it a lying bitch.
On the bright side, there are a few MS KB tech support entries that reference wintrust.dll, it seems to get installed by IE4.x and later on Win95

Oh well. Why is it that in moments like these, the phrase "Thank you Microsoft, May I have another?" comes to mind?