From: Adam Back <aba@dcs.ex.ac.uk>
To: jon@pgp.com
Message Hash: af86a3fc5f57a707094a023f3309a566c593f6852f2fcf9ed911a8102fc960b8
Message ID: <199710082309.AAA02193@server.test.net>
Reply To: <3.0.3.32.19971008143320.00a9be80@mail.pgp.com>
UTC Datetime: 1997-10-09 00:15:26 UTC
Raw Date: Thu, 9 Oct 1997 08:15:26 +0800
From: Adam Back <aba@dcs.ex.ac.uk>
Date: Thu, 9 Oct 1997 08:15:26 +0800
To: jon@pgp.com
Subject: Re: What's really in PGP 5.5?
In-Reply-To: <3.0.3.32.19971008143320.00a9be80@mail.pgp.com>
Message-ID: <199710082309.AAA02193@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain
[cryptography snipped, Perry's killed the thread]
Jon Callas <jon@pgp.com> writes:
> At 08:48 PM 10/7/97 -0500, Bruce Schneier wrote:
> Jon Calis wrote:
> If this is true (and I have no reason to believe it isn't), then
> why is the key escrow code written (although not turned on) in
> the source code for 5.0 that was posted internationally from PGP?
>
> Bruce, I understand that you don't like any form of data recovery,
> but there is no key escrow in PGP. Perhaps we should talk about this
> on the phone.
Oooh. PGP Inc damage control mode on <clunk>!
We all would like to hear the reason too, Jon :-)
> Makes no sense.
Here are a couple of reasonably plausible ones:
- common source tree with #ifdefs for different products
- some functionality required even in non business version to inform
user about policy flag meanings
btw I didn't read the source code quoted so that second attempt at a
plausible reason might be a dud.
btw2: it isn't just Bruce that doesn't like key escrow.
btw3: your definition of "data recovery" is wrong.
Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
Return to October 1997
Return to “Jon Callas <jon@pgp.com>”