From: Christoph_Pagalies@hh2.maus.de (Christoph Pagalies) (by way of habs@cmyk.warwick.com (Harry Shapiro))
To: cypherpunks@toad.com
Message Hash: 8df575e44eb54a71c71c312f23c0c8163f22502dad95dd12dba670ddd07f7afa
Message ID: <9405161641.AA07176@cmyk.warwick.com>
Reply To: N/A
UTC Datetime: 1994-05-16 15:30:29 UTC
Raw Date: Mon, 16 May 94 08:30:29 PDT
From: Christoph_Pagalies@hh2.maus.de (Christoph Pagalies) (by way of habs@cmyk.warwick.com (Harry Shapiro))
Date: Mon, 16 May 94 08:30:29 PDT
To: cypherpunks@toad.com
Subject: Re: macPGP
Message-ID: <9405161641.AA07176@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain
HH> Since that doesn't allow us to verify the code
If heard that argument quite often, but do you really intend to examine
all of the sources?
I'd have the possibility to, but to be honest: I didn't. I got them with a
signature of my predecessor, and I relied on his word.
HH> is there a reason for this?
Yes, there is. After I got the sources I've lost contact to the other
authors of PGP. I don't know whether they've made changes to the sources
as well, so I first didn't release MacPGP at all. But after a while I
decided to release at least the executables - if someone take the chance
to object I'll merge my sources with his. Otherwise I'll release the next
version together with the source code.
HH> How did you sign them? Did you sign the binhex file or the Mac
HH> executeable, etc.?
I put the complete stuff for each language into a Compact Pro archive and
signed these archives. Then I gathered them all in another (uncompressed)
Compact Pro archive.
I'll ask the one who put it into the ftp site where to find it.
Ciao,
Christoph
Return to May 1994
Return to ““Perry E. Metzger” <perry@imsi.com>”