1997-10-17 - Re: what can we do about PGP sell out and CMR?

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: tcmay@got.net
Message Hash: 90beabad835398dd81652c4535a71eb3abbb65df87e6ab41d5d3388d16be9282
Message ID: <199710171801.TAA01389@server.test.net>
Reply To: <v03102806b06d4169021d@[207.167.93.63]>
UTC Datetime: 1997-10-17 19:00:24 UTC
Raw Date: Sat, 18 Oct 1997 03:00:24 +0800

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Sat, 18 Oct 1997 03:00:24 +0800
To: tcmay@got.net
Subject: Re: what can we do about PGP sell out and CMR?
In-Reply-To: <v03102806b06d4169021d@[207.167.93.63]>
Message-ID: <199710171801.TAA01389@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain




Tim May <tcmay@got.net> writes:
> Yes, the thrust of my comments was about OpenPGP.
> 
> The OpenPGPers were fretting about how to incorporate GAK and CAK and GMR
> and CMR into their "open," and (presumably) international, standard, and I
> said:  Keep it Simple, Stupid.

To be clear: my efforts in CDR (data recovery) design alternatives, and GAK
resistant design principles are not because care one way or the other about
CDR going into the OpenPGP standard at this point, they were soley to
persuade PGP Inc that there are more GAK resistant ways to achieve same
functionality, which then negates need for CMR extensions.

The CDR proposal is about data recovery which means that it could be
argued to be outside the scope of OpenPGP; it is about how to
implement recovery within mail archives in a MUA, such as pgp5.x mail
client.

Also re. subject line, I now think that it is not a sell out, just a
design mistake; they have good intentions, and have not sold those
out, but have failed to optimally transfer those intentions into the
protocol design.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`






Thread