1994-05-17 - Re: (none)

Header Data

From: Black Unicorn <unicorn@access.digex.net>
To: cdodhner@indirect.com (Christian D. Odhner)
Message Hash: 32592b619f693a1b1926d304d987df16c1899b6c444b5229ba7873759de7def0
Message ID: <199405171443.AA24248@access1.digex.net>
Reply To: <2pBsjepAkPD9064yn@indirect.com>
UTC Datetime: 1994-05-17 14:43:37 UTC
Raw Date: Tue, 17 May 94 07:43:37 PDT

Raw message

From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 17 May 94 07:43:37 PDT
To: cdodhner@indirect.com (Christian D. Odhner)
Subject: Re: (none)
In-Reply-To: <2pBsjepAkPD9064yn@indirect.com>
Message-ID: <199405171443.AA24248@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Christian D. Odhner scripsit
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> In article <2r9h97$oro@nyx10.cs.du.edu>, Alex Strasheim wrote:
> > 
> > I have been reading nothing but complaints ever since the planned release 
> > of 2.6 was announced.
> 
> With good reason. It's a bullshit product.

Thunk.  (Sound of hammer, hitting nail on head)

> 
> > It is true that messages generated with 2.6 won't be decodable with some
> > earlier versions, including 2.3a.
> 
> And most likely 2.4 as well, although that's a horse of a
> different color.
> 
> > It is also true that 2.6 can't be exported with RSAREF code.


"I admit this is a useless product, BUT...."

[...]

> 
> > This means that it will not be possible, at
> > first, to use 2.6 to correspond with users who are not in the US or 
> > Canada.

"The Acura we talked about on the phone was driven off the lot... perhaps I 
can interest you in this super-low-mileage 1972 'Le Car'?  You can always 
trade it in later when we get the Acuras back in stock...."
 
> Or with users in the usa or canada who choose to use 2.3a.
> (and possibly 2.4 as well? Any confirm or deny on this one?)
> 
> > But this will be a temporary condition.  There are precedents for 
> > exporting code into which foreign users can plug their own crypto 
> > engines.  This is probably what will happen with PGP:  programmers 
> > outside of the US will develop code which duplicates the functionality of 
> > the RSAREF engine, and a non-US version of PGP, functionally equivilant 
> > to the American version, will be made available to users who don't have 
> > access to the US version.

"Meanwhile, there are some excellent aftermarket sports kits for 'Le 
Car.'  The 3rd party bra looks great on it and the suspension kits just 
blow away the original springs!  Of course some assembly is required...."

> A total waste of time. Any 'foreign users' who wish it will
> be able to get a copy of 2.6 in short order. But that's
> still not going to change the fact that it's not a
> worthwhile program.

Yep.

> > The word to describe what has happened is "compromise".  The PGP 
> > developers, along with MIT, were able to reach a compromise with RSADSI 
> > and PKP.  Yes, they had to give some things up.  But in exchange, they 
> > were able to secure the right to legally distribute, for free, an open 
> > source version of PGP in the USA.

I said before, I couldn't figure out who had been at the table for the 
intellectual property interests when the 2.5 thing was negotiated, but 
I'd like to go up against her.  We all knew it changed nothing, and no one 
could figure out what PKP was up to.

Now its clear they weren't super clever like I first feared, but just really 
slow and stupid.  This is a sad last minute attempt to plug the dam with a 
golf tea after the town has already been lost.

Now you want to tell me that it was these same people who all of a sudden 
got hard nosed and bossed around the developers with some magic cripple-it-all
compromise when, not only is the cat out of the bag, but they 
also have little, or questionable legal grounds?  I guess they switched law 
firms eh?  Or maybe it is the same idiots all over again.

> The word to describe what has happened is "disaster". It is
> a deliberate attempt to fragment the international crypto
> community.

And an idiot's version of it too.  I can't help but picture "Baldric" of 
"Black Adder" fame.  "Fear not my lord, for *I* have a cunning plan...."

> > This is an enormous victory.  It is the end, in practical terms, of the 
> > struggle to put strong, verifiable, and affordable crypto software into 
> > the hands of the general public.  It's over, and we have won.

Won what?  I won when I got PGP 2.3a.  Who wins at this game where 
keyservers are unfriendly, keys are limited, international versions are 
"illegal" (still), and upgrade is basically "forced" not because the 
software I have on my computer now is obsolete, but because it ISN'T?  
What the hell is that?

We won.  Hah!  Too bloody much. 

> It will be "over" when I can use whatever encryption I
> choose to protect my communication, without the requirement
> of government of corperate 'approval' to avoid "legal trouble"
> 
> > The thing that bothers me the most about the complaints which have been 
> > posted is that they are implicity, if not explicity, condemnations of the 
> > compromise which PRZ and MIT negotiated.

You noticed this did you?
Negotiated is a colorful verb here.  VERY colorful.


> > I think that PRZ deserves the
> > benefit of the doubt.  He's the one who has put himself on the line for 
> > the rest of us, and he's the one who is most responsible for raising 
> > public awareness of crypto issues.  I'm not suggesting that we follow him 
> > blindly;  but at the same time, if he thinks this is a good deal, that 
> > ought to carry a lot of weight.

I don't know enough about the situation to know whether to support PRZ or 
not.  Why?  

Because no one has been told enough.

The key servers vanish quickly but silently like the extras in some B 
horror flick.  Everyone else stands around by the campfire saying "Hey, 
where did Bob and Sarah go, and where's that firewood they were supposed 
to bring back?  Where'd they get that chain saw I heard earlier and why 
did Sarah keep screaming?  Oh well, let's wait and see if they come 
back.  Even better, Fred, why don't you try and get some wood and see where 
they went?"

Everytime someone objects or asks the admins for some answer, all we get 
is a press release with more restrictions imposed than the last 
over-the-barrel beating.


This is victory?

Give me defeat so I can go home and use 2.3a.

-uni- (Dark)


--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!




Thread