1997-10-31 - [SURVEY] pgp5.x / pgp2.x users

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: cypherpunks@cyberpass.net
Message Hash: 5e3ee8c90fedc98cde15ab6d04a4f1db6d0dbd7e5d7b259d8053dc6bed5993f6
Message ID: <199710311615.QAA04333@server.test.net>
Reply To: N/A
UTC Datetime: 1997-10-31 16:23:56 UTC
Raw Date: Sat, 1 Nov 1997 00:23:56 +0800

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Sat, 1 Nov 1997 00:23:56 +0800
To: cypherpunks@cyberpass.net
Subject: [SURVEY] pgp5.x / pgp2.x users
Message-ID: <199710311615.QAA04333@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain




Fill out and email me, and I'll tabulate results, and post here and on
ietf-open-pgp:

==============================8<==============================
mini straw poll on pgp2.x and 5.x usage:

1. What are you currently using for everyday use: 2.x or 5.x

[ 2 or 5 ]

2. What proportion of people you use PGP to communicate with are using 5.x

[ x / y ]

3. How many of the 5.x users you communicate with are cypherpunks

[ z ]
==============================8<==============================

The question has come up on ietf-open-pgp as to how important it is
for the OpenPGP standard to support backwards compatibility with
pgp2.x.

The tension arises because 2 of the 3 cryptographic algorithms used in
pgp2.x are patented in some parts of the world.  (IDEA being patented
in Europe, and US; and RSA being patented in the US and Canada).

The IETF generally likes to steer clear of patented algorithms as
MUSTs in standards.  This encourages implementations, etc.
(Personally I'm pretty keen on this point, though I would like more
backwards compatible pgp5.x implementations -- I've already received
emails I can't read without resorting to the pgp5 command line app,
which doesn't work with my mailer integrated system.)

So the question arises, just how many pgp2.x users are there.  PGP Inc
are pointing to the ratio of RSA keys to DSA/EG keys on keyservers as
showing that pgp2.x users are in the minority.  However that ratio is
something like 20,000 to 75,000, and I'm sure we've heard statistics
in the past about there being literally millions of pgp 2.x users.
One suspects that either many pgp 2.x users aren't using keyservers (I
know several cypherpunks who have something against key servers and
avoid them for perceived security or privacy reasons), and/or the
pgp2.x user base is exaggerated.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`






Thread