1994-05-17 - Broken PGP 2.6

Header Data

From: VACCINIA@UNCVX1.OIT.UNC.EDU
To: cypherpunks@toad.com
Message Hash: b90e60030f85def6fced4cd776ee47ae5599238ebd4753eb9ccca14bbf5c220a
Message ID: <01HCFEH2HLF600188L@UNCVX1.OIT.UNC.EDU>
Reply To: N/A
UTC Datetime: 1994-05-17 05:09:48 UTC
Raw Date: Mon, 16 May 94 22:09:48 PDT

Raw message

From: VACCINIA@UNCVX1.OIT.UNC.EDU
Date: Mon, 16 May 94 22:09:48 PDT
To: cypherpunks@toad.com
Subject: Broken PGP 2.6
Message-ID: <01HCFEH2HLF600188L@UNCVX1.OIT.UNC.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hal writes: 
>FTP sites which hold programs or even patch files to allow 2.6 to 
>interoperate with 2.3 will be targetted by RSA as contributory infringers.
>In short, the legal advantages PGP 2.6 will have over unapproved versions 
>will be strong enough that it will be widely used in the U.S.

Perhaps I'm being something of a romantic, but one of the reasons that I was
drawn to PGP as an encryption system was because it was code that could be 
worked upon and improved by those who have bright minds. This is the reason
people use it, a product designed by many intelligent people to be the best,
using the best implementations of code that could be thought up. This latest 
version seems to be an attempt to derail this effort and implement a system 
which is a compromise that neither improves PGP nor allows further code 
improvement in the future (Re: Hals remarks on "hacked" versions being 
non-RSA approved and thus having little hope of implementation). This SUCKS, 
frankly. And I am not sure I can buy into PGP 2.6 in it's present form. I 
suppose I may be forced to, but I can't support the effort as it has so far 
come to pass.
                                     
RSA has had more than enough time to target infringers and afraid of their 
patent standing have not done so. They have coerced certain factions to 
fix their problems by supplying an easy alternative to their legal problems;
initiate the release of a de facto standard that doesn't violate their 
patents. The thing is, that if they hadn't made that one last little shove, 
I would have taken their alternative. I draw the line at crippling new PGP 
code improvements :-(

>Look at it rationally, and 2.6 is a step in the right direction.

It is not rational to tilt at windmills but we have been doing so for a while
now. Rationally, it certainly is easier to just accept 2.6. A step in the 
right direction? I don't think so.

Scott G. Morham             !The First, 
Vaccinia@uncvx1.oit.unc.edu !           Second
PGP Public Keys by Request  !                  and Third Levels
                            !        of Information Storage and Retrieval
                            !DNA,                       
                            !     Biological Neural Nets,
                            !                             Cyberspace

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLdWtVD2paOMjHHAhAQHF+wQA0losp300aWPq9rqPN2Qc574kczoV5tfv
cQG0fx+VN7T9+8D90GUQ6EhNPv1b7PZghLvwM3cRzKZKsaMsm08sBasj6JjsmujI
1rLoqdd9DmktHEeUmXXlRI1sa5pfN5sHBL/u0sZKD8TlxSEO11xNvb3RW2niHvOx
DFZNOS/hrew=
=0qPX
-----END PGP SIGNATURE-----





Thread