1997-10-24 - Re: PGP Employee on MKR

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: FisherM@exch1.indy.tce.com
Message Hash: 8cdde757dcbc14b80e8c5ccf7523bfe7073eb820d0eff9a6cb3b0fa1285b67c0
Message ID: <199710241853.TAA05556@server.test.net>
Reply To: <2328C77FF9F2D011AE970000F84104A74933D0@indyexch_fddi.indy.tce.com>
UTC Datetime: 1997-10-24 19:12:03 UTC
Raw Date: Sat, 25 Oct 1997 03:12:03 +0800

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Sat, 25 Oct 1997 03:12:03 +0800
To: FisherM@exch1.indy.tce.com
Subject: Re: PGP Employee on MKR
In-Reply-To: <2328C77FF9F2D011AE970000F84104A74933D0@indyexch_fddi.indy.tce.com>
Message-ID: <199710241853.TAA05556@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain




Fisher Mark <FisherM@exch1.indy.tce.com> writes:
> Mark Grant <mark@unicorn.com> writes:
> >Yes, but PGP WANT TO BUILD THIS INTO EVERY SYSTEM THEY SELL!!!!! I
> >don't care that any Perl hacker can write a script which builds CMR 
> >into PGP 2.6.2, because those scripts are restricted to those who 
> >wish to use them. PGP ARE BUILDING THE FUNCTIONALITY INTO EVERY 
> >PRODUCT THEY SELL!!!!
> 
> But the changes to add GAK/GMR/CMR to PGP (or any other crypto product
> that permits multiple recipients) are close to trivial.  Don't be fooled
> into thinking that if PGP takes this "feature" out (can't be a bug --
> it's documented :) that that will make it a lot harder to add that
> feature back in once the appropriate laws are passed.

Adding the feature clearly will be easy.  But persuading the people
using the non-CMR enabled software base to downgrade will be a big
problem.  I wonder how many people will still be using old versions years
later.  There is a huge inertia to not upgrade that frequently.
People don't like upgrading, companies don't like upgrading, it costs
time, money, it's unwanted hassle.  

I'm guilty of this myself in some areas.  `don't fix what isn't broken'.
Eg I'm using an ancient beta Xfree86, and hacking around the expiry
simply because I can't be bothered to download and install the next
version.

At dcs.exeter the admins were _way_ behind.  I had netscape2, and then
3 installed for myself and friends to use, while they were still
trundling along with an antique NCSA Mosaic beta version or something.
I had gcc-273 installed in my own filespace and they had gcc-258 or
something (it matters if you're using templates.. the old ones are
more broken).

> Still, in retrospect, PGP's engineers and scientists should have
> thought about all the security implications of CMR -- they might
> have implemented CDR to begin with.

You would've thought, yes.  Even from a security point of view,
forgetting political arguments, CDR is better.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`





