From: Bill Stewart <bill.stewart@pobox.com>
To: cypherpunks@Algebra.COM
Message Hash: 4db1bdde22bdffd833ab9a32e1bba30bb146c4f0285e14a6e969e2953e4966ce
Message ID: <3.0.3.32.19971207204150.006d78ac@popd.ix.netcom.com>
Reply To: <199712080425.UAA22239@netcom14.netcom.com>
UTC Datetime: 1997-12-08 04:48:01 UTC
Raw Date: Mon, 8 Dec 1997 12:48:01 +0800
From: Bill Stewart <bill.stewart@pobox.com>
Date: Mon, 8 Dec 1997 12:48:01 +0800
To: cypherpunks@Algebra.COM
Subject: Re: PRZ/PGP loses it
In-Reply-To: <199712080425.UAA22239@netcom14.netcom.com>
Message-ID: <3.0.3.32.19971207204150.006d78ac@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
This article has lost a few very critical lines,
making it look far worse than it really is.
Network Associates was _not_ formerly known as the
Key Recovery Alliance. They were formerly known as
McAfee Associates. McAfee had been a member of the
KRA, but has since withdrawn. Go see PGP's home page.
And Phil's comments about user consent don't mean that
users _should_ be forced to consent -- viewed in context,
they mean that users shouldn't have their keys or
messages escrowed without their consent,
and the escrow features should require consent.
Furthermore, peer-reviewed encryption isn't dead -
the OpenPGP encryption standard is being developed,
bringing PGP to an open standards process.
At 08:25 PM 12/07/1997 -0800, Vladimir Z. Nuri wrote:
>
>------- Forwarded Message
>
>Date: Thu, 4 Dec 1997 15:02:44 -0500
>From: bxs29@cas.org (Barry Skaggs-D26)
>To: cas@majordomo.pobox.com, ignition-point@majordomo.pobox.com
>Subject: IP: (OT) Cloud Over Future of PGP
>
>Seems like the days of peer-reviewed encryption
>software may be numbered. Just trust Us.
>
>Regards,
>
>Barry Skaggs
>
>
>
>Cloud Over Future of Pretty Good Privacy
> The Price of Key Recovery
>
>Following Monday's US$35 million cash
>acquisition of PGP by Network Associates,
>the man who once testified before the
>Senate that key recovery could "strengthen
>the hand of a police state" now works for a
>company that actively promotes it.
>
>Reaction from e-privacy activists was swift
>and harsh.
>"The users of PGP can no longer rely on the
>credibility of Phil Zimmermann to ensure that
>the product is everything that they've been
>promised it's been previously," said Dave
>Banisar, attorney for the Electronic Privacy
>Information Center and co-author of The
>Electronic Privacy Papers
>
>Network Associates, formerly known as
>the Key Recovery Alliance, an organization
>that lobbies Congress for key recovery that
>would grant law enforcement agencies
>back-door access to private encrypted
>communications.
>
>Network Associates and other companies
>support key recovery because it would allow
>them to export strong crypto software
>without bothering to make a separate
>nonrecoverable version for the domestic
>market. The Commerce Department forbids
>export of the strongest available encryption
>without elaborate promises from
>manufacturers to develop key recovery
>features. Thus many companies are forced
>to develop both export and domestic
>versions of their software, each with
>differing crypto strengths.
>
>But Zimmermann, a pioneer of strong
>encryption, has spent years crusading
>against key recovery, calling it an invasion
>of privacy. And the most recent release of
>PGP's encryption software allows users to
>disable key recovery.
>
>"People should give their consent to use
>[recovery]," Zimmermann said. When asked
>whether future versions of the package will
>retain that option, Zimmermann replied,
>"Certainly, as long as I have anything to say
>about it."
>
>Zimmermann's new title at Network
>Associates is "fellow," but he declined to
>comment on exactly what authority and
>responsibility that confers. Meanwhile, Phil
>Dunkelberger, PGP's former president and
>CEO, was named general manager of
>Network Associates' Total Network
>Security Division.
>
>"It's going to take some time to figure things
>out," said Zimmermann.
>
>EPIC's Banisar was less diplomatic and
>postulated that Zimmermann's new title
>reflected a clash of values between him and
>Network Associates on key recovery.
>
>"We have a number of fellows here, and
>they are usually unpaid volunteers," Banisar
>said.
>
>"It will require a fundamental examination by
>human rights groups and others about
>whether any newer versions of PGP are
>truly trustworthy," said Banisar.
>
>Network Associates could not be reached
>for comment.
>
>Wired, Dec. 3, 1997
>
>
>**********************************************
>To subscribe or unsubscribe, email:
> majordomo@majordomo.pobox.com
>with the message:
> subscribe ignition-point email@address
>or
> unsubscribe ignition-point email@address
>**********************************************
>http://www.telepath.com/believer
>**********************************************
>
>------- End of Forwarded Message
>
>
>
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Return to December 1997
Return to ““Vladimir Z. Nuri” <vznuri@netcom.com>”