From: hughes@ah.com (Eric Hughes)
To: cypherpunks@toad.com
Message Hash: 5f7527d3f1d58bfdb0338f8a2c339170b442163c088e796112b8fea4e92b59ea
Message ID: <9403172238.AA02366@ah.com>
Reply To: <199403172205.RAA23556@eff.org>
UTC Datetime: 1994-03-17 22:50:40 UTC
Raw Date: Thu, 17 Mar 94 14:50:40 PST
From: hughes@ah.com (Eric Hughes)
Date: Thu, 17 Mar 94 14:50:40 PST
To: cypherpunks@toad.com
Subject: EFF gun-shy of legally employing PGP (fwd)
In-Reply-To: <199403172205.RAA23556@eff.org>
Message-ID: <9403172238.AA02366@ah.com>
MIME-Version: 1.0
Content-Type: text/plain
On not using PGP:
>1) It wouldn't have solved the problem, since the majority of people who
>spreead the false press release are not encryption users.
Yes, it would solve the problem. Not every individual could have
verified the message, but enough people would have, and immediately
enough, that no question would have remained for long about the
forgery.
The epistempology of authorship is of social nature already. With
cryptography, one can lift authorship of public keys to authorship of
documents, but this is an optimization, not a necessity. By allowing
those people who do use cryptography to verify authorship, one can
speed the process for the rest. Not everyone currently uses crypto,
true, but better a partial benefit than none at all. And the partial
benefit of a signed message is most of the benefit.
>2) PGP is inconvenient to use.
>3) EFF is a Mac shop, but our licensed copy of Viacrypt doesn't run on the
>Mac.
MacRIPEM is both easy to use and runs on a Mac. There may be other
reasons not to use PEM and PEM-derived systems over PGP, but I do not
think they outweigh, at this time, the public and forthright use of
cryptography by the policy leaders, and I mean not only EFF here.
It is not my place to make internal EFF policy, but I will suggest it,
namely, that all public communications that go out to Usenet and to
public mailing lists be digitally signed by their authors.
Eric
Return to March 1994
Return to “Mike Godwin <mnemonic@eff.org>”