1994-04-08 - safety in Numbers ?

Header Data

From: Ed Switalski <E.Switalski@bnr.co.uk>
To: cypherpunks@toad.com (Cypherpunks Mailing List )
Message Hash: fc4f53b32aeca1c0363e53d671bd2c31be31b0bd0f298da812dcb573dc2c773f
Message ID: <199404080951.22060@bnsgs200.bnr.co.uk>
Reply To: N/A
UTC Datetime: 1994-04-08 09:52:17 UTC
Raw Date: Fri, 8 Apr 94 02:52:17 PDT

Raw message

From: Ed Switalski <E.Switalski@bnr.co.uk>
Date: Fri, 8 Apr 94 02:52:17 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List )
Subject: safety in Numbers ?
Message-ID: <199404080951.22060@bnsgs200.bnr.co.uk>
MIME-Version: 1.0
Content-Type: text/plain



Hi,


  a recent c-punx posting raised an implicit question about
  the amount of RSA in use already.

  Obviously the larger and more international the user base is
  less likely that Uncle Sam & sidekicks etc can palm off compromised
  crypto and signature schemes on the rest of us.

  Two quotes below from the pem-dev (PEM developers) list at tis.com 
  give grounds for optimism. I have blinded the names, as a first
  line of defence, (those already subscribed to the list
  can find the original postings by date.

Note that:
  The Public Key scheme mentioned in message 2 may not be full RSA,
  but indicates the possibilities if  slot-in  crypto modules were
  available for interface to standard PC/Mac office software packages 
   
  PGP has a high profile right now, but needs more users to 
  really damange Clipper.


--- Quote 1 ---

Date:    Thu, 31 Mar 1994 02:43:27 EST

Just a data point.  There are currently roughly 3,620 PGP keys on the
PGP key servers --- despite the fact that use of PGP generally entails
violation of RSA DSI's patents.  (Note that this number only includes
those people who have published their keys; others, due to the patent
issue, may not have published their keys on the key servers, and so
would not be counted in this figure.)
  
There are also people using RIPEM as well.
 
 Meanwhile, we haven't even been able to get our act together to generate
a PEM root key; my understanding is that this at least partially related
to the liability involved in running a root which *everyone* has to
trust, although there may be other show stoppers as well.
 
So there definitely is at least some amount of demand for secure
electronic mail using RSA.  It's just that by and large, people just
aren't using PEM to satisfy their needs.

--- end of Quote 1 ---

*** Come on PEM-people get yourself a root key !  Then organizations
*** ill send more RSA-authenticated mail.

--- Quote 2 ---

Date:    Thu, 17 Mar 1994 12:20:22 EST
 
Recent discussions with a very large software company
that I won't name at this time indicates that they have
on the order of 750,000 users that are already using an
older form of public key cryptography. They are preparing
their next release, currently plan to make it PEM compatible
(although they are also looking carefully at the Apple AOCE
varient), and expect that as many as 1.5 million users might
be on this system within a year. This system includes a
proprietary directory, and they are also planning to interface
that directory to X.500.

--- end of Quote 2 ---

***   Thinks: the number of retrievals to date of PD crypto would be 
.     useful to know 


    For we are many and our name is Legion ....



    		Regards,
		Ed Switalski		






Thread