1994-05-24 - Re: compatibility with future PGP

Header Data

From: Adam Shostack <adam@bwh.harvard.edu>
To: hughes@ah.com (Eric Hughes)
Message Hash: 4858ef8d470feb703c423e847db07467622de773163f49ad506d85a5a958a06d
Message ID: <199405241655.MAA05076@bwnmr5.bwh.harvard.edu>
Reply To: <9405241450.AA16918@ah.com>
UTC Datetime: 1994-05-24 16:56:06 UTC
Raw Date: Tue, 24 May 94 09:56:06 PDT

Raw message

From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 24 May 94 09:56:06 PDT
To: hughes@ah.com (Eric Hughes)
Subject: Re: compatibility with future PGP
In-Reply-To: <9405241450.AA16918@ah.com>
Message-ID: <199405241655.MAA05076@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain

You wrote:

| Another thing a patched 2.3 release would have to do to be fully
| indistinguishable is to generate new version numbers itself after the
| given date.

	While I understand that people prefer the 2.3 code because of
its availablility outside of the US, and speed advantages, I think
that its important to remember PGP has not really caught on in the US
because of questions about its legality.  I'm trying to push for the
widespread use of PGP 2.5 here at the Brigham & Women's hospital where
I work.  I can't push for version 2.3 for legal reasons.

	There is a significant advantage to pacthing both the US-legal
and world legal versions of PGP.  Both are useful & neccessary to the
future of strong encryption.  I've heard that 2.5 is available outside
of the US.  If this is so, would it make sense to make 2.5 the version
which is patched and enhamced as the standard?


Adam Shostack 				       adam@bwh.harvard.edu

Politics.  From the greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.