1994-05-24 - Re: compatibility with future PGP

Header Data

From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
To: adam@bwh.harvard.edu (Adam Shostack)
Message Hash: 9f5f6f2a98b2f8015d5f76479f0022964b6dd1ec40b1fe0478052204c61f1f67
Message ID: <9405241926.AA08867@hawksbill.sprintmrn.com>
Reply To: <199405241807.OAA05660@bwnmr5.bwh.harvard.edu>
UTC Datetime: 1994-05-24 18:24:48 UTC
Raw Date: Tue, 24 May 94 11:24:48 PDT

Raw message

From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Date: Tue, 24 May 94 11:24:48 PDT
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: compatibility with future PGP
In-Reply-To: <199405241807.OAA05660@bwnmr5.bwh.harvard.edu>
Message-ID: <9405241926.AA08867@hawksbill.sprintmrn.com>
MIME-Version: 1.0
Content-Type: text

> 	Technically, they never had access to v1, either.  As I said
> in my first message, I've heard 2.5 has already found its way out of
> the US.  If that is the case, then the non-US users have access to
> 2.5.  If they do have access to 2.5, then could we discuss the
> technical merits of patching 2.5 v. patching 2.3?
> 	Benefits of starting with 2.3:
> 	* widespread use
> 	* no RSA code
> 	* faster?
> 	2.5:
> 	* clearly legal in the USA
> 	* single code base for future modifications
> 	Its my opinion that the single code base, developed outside of
> the US, based on 2.5, is the way to go.  Patching 2.3 is worthwhile,
> but does not address all (potential) users of PGP.  Patching 2.5 does
> (again, assuming that its been exported), and as such, I feel it is
> a better way to go.

Perhaps, but I think that many folks still do not have the answers
they are looking for -- primarily, can you use the secring generated
by 2.3 or below with the new (2.6) release, if you so desired?

- paul