From: Adam Shostack <adam@bwh.harvard.edu>
To: perry@imsi.com
Message Hash: dac7c67f4852bf66e85f10036b5a987e504def7e757604bf2ee590bbd4ba5c09
Message ID: <199405241807.OAA05660@bwnmr5.bwh.harvard.edu>
Reply To: <9405241741.AA02631@snark.imsi.com>
UTC Datetime: 1994-05-24 18:07:25 UTC
Raw Date: Tue, 24 May 94 11:07:25 PDT
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 24 May 94 11:07:25 PDT
To: perry@imsi.com
Subject: Re: compatibility with future PGP
In-Reply-To: <9405241741.AA02631@snark.imsi.com>
Message-ID: <199405241807.OAA05660@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain
Perry:
| > I agree that this legal silliness is unfortunate, but I don't think
| > that it's especially terrible that Adam would like to be able to
| > advocate PGP use at work without putting himself at risk.
|
| You've misunderstood. The point is only that overseas users,
| technically speaking, do not have access to 2.[56], and might want
| patches. I didn't say anything about whether Adam should be running
| 2.[56] on his machine.
Technically, they never had access to v1, either. As I said
in my first message, I've heard 2.5 has already found its way out of
the US. If that is the case, then the non-US users have access to
2.5. If they do have access to 2.5, then could we discuss the
technical merits of patching 2.5 v. patching 2.3?
Benefits of starting with 2.3:
* widespread use
* no RSA code
* faster?
2.5:
* clearly legal in the USA
* single code base for future modifications
Its my opinion that the single code base, developed outside of
the US, based on 2.5, is the way to go. Patching 2.3 is worthwhile,
but does not address all (potential) users of PGP. Patching 2.5 does
(again, assuming that its been exported), and as such, I feel it is
a better way to go.
Adam
--
Adam Shostack adam@bwh.harvard.edu
Politics. From the greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.
Return to May 1994
Return to “Rick Busdiecker <rfb@lehman.com>”