From: Fisher Mark <FisherM@exch1.indy.tce.com>
To: “‘cypherpunks’” <cypherpunks@cyberpass.net>
Message Hash: 1ec78ee7b07ab555a954361945534613ddecfa139304ad77418da2baff426dee
Message ID: <2328C77FF9F2D011AE970000F84104A74933D0@indyexch_fddi.indy.tce.com>
Reply To: N/A
UTC Datetime: 1997-10-24 17:38:44 UTC
Raw Date: Sat, 25 Oct 1997 01:38:44 +0800
From: Fisher Mark <FisherM@exch1.indy.tce.com>
Date: Sat, 25 Oct 1997 01:38:44 +0800
To: "'cypherpunks'" <cypherpunks@cyberpass.net>
Subject: RE: PGP Employee on MKR
Message-ID: <2328C77FF9F2D011AE970000F84104A74933D0@indyexch_fddi.indy.tce.com>
MIME-Version: 1.0
Content-Type: text/plain
>> Not to mention that *ANY* crypto system can be turned into GAK if
>> the FBI & NSA get congress to pass the laws that they want.
>
>Yes, but PGP WANT TO BUILD THIS INTO EVERY SYSTEM THEY SELL!!!!! I
don't
>care that any Perl hacker can write a script which builds CMR into PGP
>2.6.2, because those scripts are restricted to those who wish to use
>them. PGP ARE BUILDING THE FUNCTIONALITY INTO EVERY PRODUCT THEY
SELL!!!!
But the changes to add GAK/GMR/CMR to PGP (or any other crypto product
that permits multiple recipients) are close to trivial. Don't be fooled
into thinking that if PGP takes this "feature" out (can't be a bug --
it's documented :) that that will make it a lot harder to add that
feature back in once the appropriate laws are passed.
Still, in retrospect, PGP's engineers and scientists should have thought
about all the security implications of CMR -- they might have
implemented CDR to begin with.
==========================================================
Mark Leighton Fisher Thomson Consumer Electronics
fisherm@indy.tce.com Indianapolis, IN
"Their walls are built of cannon balls, their motto is
'Don't Tread on Me'"
Return to October 1997
Return to “Fisher Mark <FisherM@exch1.indy.tce.com>”