1996-11-26 - Re: Announce PGP263UI (long message)

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: markm@voicenet.com
Message Hash: 0dab5e1857749f56f2549911f9f92446f891663755c0bdc023adc5d09554535e
Message ID: <199611242036.UAA00120@server.test.net>
Reply To: <Pine.LNX.3.95.961123215230.4222A-100000@gak.voicenet.com>
UTC Datetime: 1996-11-26 01:16:42 UTC
Raw Date: Mon, 25 Nov 1996 17:16:42 -0800 (PST)

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Mon, 25 Nov 1996 17:16:42 -0800 (PST)
To: markm@voicenet.com
Subject: Re: Announce PGP263UI (long message)
In-Reply-To: <Pine.LNX.3.95.961123215230.4222A-100000@gak.voicenet.com>
Message-ID: <199611242036.UAA00120@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain



Mark M <markm@voicenet.com> writes:
> Steve Crompton <sunray@globalnet.co.uk> writes:
> > Note that I personally have not done very much of the actual coding on
> > this version.  However if bugs are reported or constructive
> > suggestions for improvements made I will pass them on to the
> > individual(s) who have done the bulk of the work to make this release
> > possible.  I am assured that continuing support will be provided.
> 
> I found two bugs so far:
> 
> This version doesn't recognize either .pgprc or pgp.ini as valid config file
> names.  It is very minor, but this functionality is stated in the manual.
> 
> One of my favorite options, +makerandom, isn't supported in this version.
> This is an undocumented option, but it is useful in many situations.

makerandom is broken anyway.  Security alert: don't use +makerandom in
pgp2.6.3/pgp2.6.2.  The random number generator isn't initialised
before use.  (Details courtesy of Jeff Schiller I haven't looked that
up in the source in detail yet).

> This version uses +version_byte instead of +Legal_Kludge, but I consider that
> a feature.  I haven't had time to experiment with the "Charset:" header.  One
> other minor problem is that ClearSig doesn't default to "on".  This could
> cause some frustration with new users.

I was under the impression that with the Legal_Kludge option for
pgp263i, that it already was compatible with old versions of pgp using
the version byte of 2.

What else does pgp263ui offer?  The GNU license?  What about pgp3?
Some people aren't going to be very happy if you do a GNU version of
that, as GNU doesn't preclude selling commercially provided that
source is provided.

Adam

PS Steve and friends: I've got some stealth code close to usable in
the form of a patch to pgp263 if you want it :-)
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`





Thread