
Info-PGP Digest, 2.04

   Info-PGP: PGP Digest   Wednesday 16 December 1992  Volume 2 : Number 4
                Hugh Miller, List Manager / Moderator

    Info-PGP is a digested mailing list dedicated to discussion of Philip
Zimmermann's `Pretty Good Privacy' (PGP) public-key encryption program for
MS-DOS, Unix, VMS, Atari, Amiga, SPARC, Macintosh, and (hopefully) other
operating systems.  It is primarily intended for users on Internet sites
without access to the `alt.security.pgp' newsgroup.  Most submissions to
alt.security.pgp will be saved to Info-PGP, as well as occasional relevant
articles from sci.crypt or other newsgroups.  Info-PGP will also contain
mailings directed to the list address.
    To SUBSCRIBE to Info-PGP, please send a (polite) note to
info-pgp-request@lucpul.it.luc.edu.  This is not a mailserver; there is a
human being on the other end, and bodiless messages with "Subject:" lines
reading "SUBSCRIBE INFO-PGP" will be ignored until the sender develops
manners.  To SUBMIT material for posting to Info-PGP, please mail to
info-pgp@lucpul.it.luc.edu.  In both cases, PLEASE include your name and
Internet "From:" address.  Submissions will be posted pretty well as received,
although the list maintainer / moderator reserves the right to omit redundant
messages, trim bloated headers & .sigs, and other such minor piffle.  I will
not be able to acknowledge submissions, nor, I regret, will I be able to pass
posts on to alt.security.pgp for those whose sites lack access.
    Due to U.S. export restrictions on cryptographic software, I regret that I
cannot include postings containing actual source code (or compiled binaries)
of same.  For the time being at least I am including patches under the same
ukase.  I regret having to do this, but the law, howbeit unjust, is the law.
If a European reader would like to handle that end of things, perhaps run a
"Info-PGP-Code" digest or somesuch, maybe this little problem could be worked
    I have received a promise of some space on an anonymous-ftp'able Internet
site for back issues of Info-PGP Digest.  Full details as soon as they firm

Hugh Miller       | Asst. Prof. of Philosophy |  Loyola University Chicago
FAX: 312-508-2292 |    Voice: 312-508-2727    |  hmiller@lucpul.it.luc.edu
 Signed PGP v.2.1 public key certificate available by e-mail & finger(1)


Newsgroups: alt.security.pgp
From: ntomczak@vega.math.ualberta.ca (N Tomczak-Jaegermann)
Subject: Re: pgp2.1 signed announcement botched by usenet?
Date: Sun, 13 Dec 1992 21:25:42 GMT

ujacampbe@memstvx1.memst.edu (James Campbell) writes:

>Sorry, USENET ain't the culprit; Procomm Plus and I were.  Unbeknownst to me
>(but knownst to everyone in alt.privacy), Procomm's ASCII Upload feature was
>secretly adding an ASCII 32 to each blank line in the post.

You should have made your message go through some VM mailer. It would
strip for you all trailing blanks (and possibly would perform some other
more-or-less-subtle modifications on your message) and everything would
be hunky-dory.  You wouldn't be so happy if you would expect these
trailing blanks to be still there on arrival but you cannot have it both
ways. :-)  Actually you touched a real problem.   Various mailers are
known to take liberties with the contents of messages passing through
and more often than not you do not have control over how your message
was routed.  Uuencoded stuff is not guaranteed to pass unmolested
although most people are lucky most of the time.

  Michal Jaegermann
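
[Added example, not part of the digest or of either poster's message: the two transit changes discussed above (a space appended to each blank line, and trailing blanks stripped by a mailer), run against a constructed message. A bare SHA-256 digest stands in for the signature as an assumption, and the canonicalisation is the rule later written down for OpenPGP cleartext signatures in RFC 4880 (trailing spaces and tabs removed, CRLF line ends), not a statement about what PGP 2.1 did.]

```python
import hashlib
from itertools import zip_longest

# Constructed sample message: one blank line, and one line whose trailing
# blanks the sender actually typed.
ORIGINAL = b"Announcing the release.\n\nSecond paragraph.   \nEnd.\n"


def add_space_to_blank_lines(text: bytes) -> bytes:
    """Model of the upload problem described above: each blank line gains an ASCII 32."""
    lines = [line if line else b" " for line in text.splitlines()]
    return b"\n".join(lines) + b"\n"


def strip_trailing_blanks(text: bytes) -> bytes:
    """Model of a mailer that strips trailing blanks from every line."""
    return b"\n".join(line.rstrip(b" \t") for line in text.splitlines()) + b"\n"


def digest_raw(text: bytes) -> str:
    """Digest over the bytes exactly as received (stand-in for a signature check)."""
    return hashlib.sha256(text).hexdigest()


def canonicalize(text: bytes) -> bytes:
    """Drop trailing spaces/tabs on every line and use CRLF line endings."""
    return b"".join(line.rstrip(b" \t") + b"\r\n" for line in text.splitlines())


def digest_canonical(text: bytes) -> str:
    """Digest over the canonical form, so whitespace-only transit changes cancel out."""
    return digest_raw(canonicalize(text))


def changed_lines(sent: bytes, received: bytes):
    """Return (line number, sent line, received line) for each line that differs.

    Useful when a check fails and the damage is invisible on screen.
    """
    pairs = zip_longest(sent.splitlines(), received.splitlines())
    return [(n, a, b) for n, (a, b) in enumerate(pairs, start=1) if a != b]


def survives(sent: bytes, received: bytes, canonical: bool) -> bool:
    """Would a digest taken by the sender still match at the receiver?"""
    h = digest_canonical if canonical else digest_raw
    return h(sent) == h(received)


if __name__ == "__main__":
    for name, transit in (("space added to blank lines", add_space_to_blank_lines),
                          ("trailing blanks stripped", strip_trailing_blanks)):
        received = transit(ORIGINAL)
        print(name)
        print("  raw digest matches:      ", survives(ORIGINAL, received, False))
        print("  canonical digest matches:", survives(ORIGINAL, received, True))
        for n, a, b in changed_lines(ORIGINAL, received):
            print(f"  line {n}: {a!r} -> {b!r}")
```

The canonical digest tolerates both changes, at the price that trailing blanks are no longer covered by the check at all.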


Newsgroups: sci.crypt
From: warlord@MIT.EDU (Derek Atkins)
Subject: Re: PGP 2.0 help please
Date: Sun, 13 Dec 1992 16:01:05 GMT

In article <1geiggINN7tv@agate.berkeley.edu> bing@zinc.cchem.berkeley.edu (Bing Ho) writes:

   I realize that I can use somebody's public key and encrypt a message
   to him, but what if I am say the president of a corporation and
   wish to encrypt a sensitive memo to all managers.  Would I have to
   encrypt the file however times I have managers, each to his or her
   own key, or could I create a "list" of recipients?

PGP 2.0 does not have this functionality (It was one of the first
things I noticed back in September).  In fact, PGP 2.1, which I highly
recommend you pick up, doesn't have it either.  HOWEVER, PGP 2.2
*WILL* have it.  I don't know when 2.2 will be released, however I'm
sure that it will be in that release.  

So, to answer your question, given PGP 2.0 or 2.1, you have to
encrypt the file once for each recipient, instead of creating a single
cryptofile that you can send to everyone.  I hope this answers your

   I'm sorry if this is in the documentation, but I wasn't really able
   to elucidate it.

No, You didn't miss anything.

   Thanks for any help.

No problem!

         Derek Atkins -- MIT '93 -- Electrical Engineering
--warlord@MIT.EDU | ..!mit-eddie!mit-athena!warlord | s20069@mitvma.bitnet
      Chairman, MIT Student Information Processing Board (SIPB)
           MIT Media Laboratory, Speech Research Group


Newsgroups: sci.crypt
From: gerben@rna.indiv.nluug.nl
Subject: Re: PKP/RSA comments on PGP legality
Date: Sun, 13 Dec 1992 15:31:44 GMT

Hopefully, the US Congress will ban software patents altogether *), making  
political issues like the legality of using a cypher at all the only question left.

*) Not much hope, since the text of the GATT treaty does not offer the possibility  
to exclude *anything* from patentability (except in the case of national  

Gerben Wierda                 Tel. (+31) 35 833539
  "If you don't know where you are going, any road will take you there."
  From the Talmud(?), rephrased in Lewis Carroll, "Alice in Wonderland".


Newsgroups: alt.security.pgp
From: norstar@tnl.com (Daniel Ray)
Subject: Re: PGP v. 2.1 Released
Date: Sun, 13 Dec 1992 20:08:07 GMT

In article <1992Dec10.185107.10925@netcom.com>, strnlght@netcom.com (David Sternlight) writes:
>I have mixed feelings about Uri's message.
>Until the legal status is resolved, one might wish to get rid of the
>PGP "tags" which are overt confirmation that one is using a public key
>system. On the other hand, I disagree in the sense that if unlicensed
>use of public key systems REALLY IS a violation of law (not "is
>asserted to be by PKP")--for example after a court case--then his
>suggestion is tantamount to publicly advocating the concealing of a
>legal violation, which I cannot support.

what are you...nuts? A person either does or does not commit an illegal
act. but, if one DOES choose the hard road of committing an illegal act,
it is best to commit it whole-heartedly...i.e. let all actions conform to
the decision. To commit the act, and then slit your own throat by NOT
CONCEALING IT, is the suicide it seems to be. If you are going to betray
yourself like that, better to choose to not commit the illegal act.
You, personally, may not "publicly advocate" concealing an illegal act,
but it is obvious that one should and must do this if one commits a crime.

>If one feels PKP is over-broad in their claims, the way to deal with
>this is by direct resolution. If one feels PKP is legally on firm ground
>but thinks there "shouldn't be" patent protection for software, or some
>such, again the way to deal with this is by trying to get the law changed.
>I'm not one who supports illegal acts in the face of what one thinks
>is unfairness.

what's this..."unfairness"?? what if unfair is defined as targeting you
personally and stamping you out through a new law? the people who think they
are above the fray often find that, after time, things change...

>Finally, I trust the police and intelligence agencies of our
>government.  They are not a bunch of fascists out to get the innocent,
>as some messages sometimes imply, but hard-working fellow-Americans
>trying to do a very difficult job. Yes, there have been, and may

yes, the intelligence community is really "just a bunch of people". I agree.
but as such, they may or may not still choose to start a war with you.
and if they did, the odds would already be hopelessly stacked in their
favor. they are just people. but they are a unique mixture of good and evil,
good and bad traits, lots of things...if they have a lot of power they
may get used to using it without constraint. too many scenarios to talk
about here.

>continue to be some individual abuses, sometimes by senior people, but
>the way to deal with that is via strong internal and external
>watchdogs, and by clear definition of what is, and isn't to be

not the right newsgroup for this, but if you look at the U.S. now I can't
believe you would say such a thing....your watchdogs fail here and now!

>Recent trials of government officials, and recent use of independent
>prosecutors, whatever one thinks of the substance, go a long way
>toward compelling caution by those who would abuse their privileged
>and trusted positions in the FBI and intelligence services.

trials & special prosecutors are just pick and choose while the system
escalates towards a police state.

The Northern Lights, Troy NY                                 |      
tnl dialins: +1 518 237-2163 @ 1200-2400 bps 8N1 $free     ` | /    
-------------------------------------------------------  --- * ---  
UUCP: uunet!uupsi3!tnl!norstar                             / | .    
Internet: norstar@tnl.com                                    |      


Newsgroups: alt.security.pgp
From: neuhaus@vier.informatik.uni-kl.de (Stephan Neuhaus (HiWi Mattern))
Subject: Re: PGP v. 2.1 Released
Date: Tue, 15 Dec 1992 11:42:20 GMT

[Sorry that this is such a long posting.  I simply cannot express
myself more concisely.  And Marc, this is definitely *not* a flame.]

Marc VanHeyningen <mvanheyn@whale.cs.indiana.edu> writes:

>Thus said neuhaus@vier.informatik.uni-kl.de (Stephan Neuhaus (HiWi Mattern)):
>>There is no way that a worldwide software distribution [of PEM
>>RFC-compliant software] can be created that uses RSAREF, without it
>>violating export laws. 

>The [RFCs] I read did not make any reference to RSAREF.

You're right.  I actually got it backwards.  However, this does not
invalidate my point.

First, you cannot write a PEM RFC compliant package outside the USA
and import it into the USA.  According to Mr Bidzos's letter, this is
illegal under the ITAR.  As soon as it is within the USA, it will also
violate PKP's patent if you try to give it away for free.

You also cannot write a package *inside* the USA, and export it.  If
you want to do that without license and patent hassles, you have to
get RSAREF.  Exporting RSAREF is illegal under the ITAR.  If you try
to do without RSAREF, it's still illegal, but you can also be sued by
PKP for using unlicensed, patented stuff.

So, as I said, you *cannot* legally write one single worldwide
PEM-compliant software package without getting into trouble, with or
without RSAREF.  (This is even stronger than my original claim.)

>>And how good is an Internet standard if it's US-centric?
>There is nothing about the RFCs that is inherently US-centric.

The key validation by RSADSI is.  Now, I don't have to use this, you
say.  But what good is my key if it has no signatures on it?  I wonder
about the RFC creators' motives when they did not even consider
foreign key registration centers in the RFCs, or even a scheme like
PGP. (I have read the "now obsolete" RFCs 1113 -- 1115.  It might be
that this has changed in the updated versions.  It might even be that
I haven't read the RFCs carefully.  Anyway, I noted that Mr Bidzos is
listed as an "Advisor" in the preface.  That might explain the key
validation scheme.)

[An aesthetical side note: I was also appalled by the large number of
times the word "RSADSI" is mentioned in these RFCs.  RFCs are supposed
to be proposed standards, not a place for advertisements.]

Additionally, proposing an *international* standard in a country with
export limitations on the very thing the standard is supposed to
standardize, and patent claims on the proposed standard method of
doing things, without (as far as I know) taking into account the
opinions of foreign users/developers, appears US-centric to me.

You also said that the author(s) of PGP didn't like the PEM.  That's
right (I think), and I personally approve of PGP's method of doing
things, for one technical and two personal reasons.

First, PGP's trust model (and hence, key management scheme) is more
general than PEM's.  You can easily have a centralized agency sign PGP
keys.  With PEM, you are forced to trust RSAREF to introduce people.
The ciphertext file format and command line options are only minor
nuisances that can be fixed easily, should someone feel the urge to do

Second, RSADSI is strongly linked with PKP, which holds (and threatens
to enforce) a software patent.  Since I oppose software patents in
general, I do not wish to support a company that holds one by paying a
key validation fee.

Third, I don't like the idea of a trust monopoly.  I am perfectly
capable of managing my keys myself, thank you, and I'd like to place
my trust where *I* choose.  (In case you're wondering, I always carry
my secret and public keyrings around at all times.  I also
periodically check these keys against multiple copies kept here and

>>You might force all US netters to use RIPEM, but the rest of the
>>world will probably use PGP.

>RSADSI and PKP don't make U.S. export law.  With regard to export law,
>PGP and RIPEM are no different.

That's right.  I apologize, as I was clearly not thinking when I wrote
this.  But the fact remains: RIPEM is an American free PK product
which means that I can't get it.  PGP is a non-American free PK
program, which means that I can get it.

If RIPEM comes out, some parts of it will have to be re-implemented
outside the US.  That might not be RSADSI's fault.  Some people (such
as I) will take the easy way, abandon RIPEM and the RFCs, and use PGP.

The RFCs must not be approved until it is clear that RSA code (and
other crypto code) may be shipped freely between the US and the rest
of the world.

>[W]ith regard to "the rest of the world" the only difference is that
>PGP has already been successfully smuggled out of the U.S., while
>RIPEM has not (yet).

No, no!  To get a copy of PGP from outside the US, it was *never*
necessary to ftp it from a US site.  I think the first European sites
that carried it were ghost.dsi.unimi.it and the Finnish site (forgot
the name).  As for version 1.0, you may be right technically, though.

>Patriotism is, in fact, the *first* refuge of the scoundrel.

See the recent development of the neo-Nazi movement in Germany.  Sigh.
We'll drive them out, though.  (Even though the politicos may not be
of help.)

Have fun.

Stephan <neuhaus@informatik.uni-kl.de>
sig closed for inventory.  Please leave your pickaxe outside.
PGP 2.1 public key available on request.  Note the expiration date.


Newsgroups: comp.os.os2.apps,alt.security.pgp
From: twillis@pintu.demon.co.uk (Tom Willis)
Subject: PGP 2.1 and HPACK 0.78 for OS/2
Date: Sun, 13 Dec 1992 21:00:26 +0000

I have posted OS/2 32-bit versions of PGP and HPACK available for
anonymous FTP from the UK.  These are on:

        `ftp.demon.co.uk' [] in ~/pub/ibmpc/pgp

Both these were compiled from the standard shipped sources using the GNU
2.2.2 compiler (EMX version).

PGP === `Pretty Good Privacy' a Public Key encryption system.

HPACK === an archiving utility (currently in Beta) using PGP encryption
and authentication and supporting OS/2 EAs and HPFS long filenames.

More information on both in NewsGroups alt.security.pgp and sci.crypt.

Tom \/\/illis   | 1. twillis@pintu.demon.co.uk  | Have PGP 2.0 key
DGA Ltd         | 2. GBR55N55@IBMMAIL           | ... will swap
LONDON UK       | 3. 100042.446@Compuserve.com  |


Newsgroups: alt.security.pgp
From: uri@watson.ibm.com (Uri Blumenthal)
Subject: Re: PKP/RSA comments on PGP legality
Date: Mon, 14 Dec 1992 18:16:19 GMT

In article <1992Dec14.014118.11612@netcom.com>, strnlght@netcom.com (David Sternlight) writes:
|> If my understanding is now accurate that PGP2.x violates both the
|> Munitions Act and PKP's patents, and that this violation is occasioned
|> not just by use but also by possession in the U.S., then it would seem
|> prudent to get it off one's U.S. computers and any U.S. net
|> sites--Internet, Usenet, Fidonet, anynet. Presence on a bulletin board
|> system may be just what someone needs to close down that system.

While that may (or may not) be true, could somebody please
clarify this for me:

        a) If PGP violates PKP's patents  -  then PKP can seek
           damage recovery (suing :-).   Now - since RSAREF is
           released for non-commercial use, and RIPEM is going
           to be freely available real soon now - just what is
           that damage measured in bucks? 

           If I didn't use unlicensed PGP - I'd have to go get
           "licensed" RSAREF/RIPEM and exactly $0. dollars 
           would go to PKP's bank account...  Triple
           damage is $0*3 = $0...  So?

           Ah, possible key registration fees? Sorry, but I
           wasn't going to do that anyway! Sooo?
           Does this mean, that we, non-commercial individuals,
           don't really have much to lose, even if worst comes
           to worst? (:-)

        b) IMPORTING crypto into US may (or may not)  violate the
           ITAR (I'd have to clarify this with a lawyer), but I'd
           assume it was going on (importing, that is :-) for 
           quite a while. So far neither US government, nor 
           NSA did really anything, either verbally or
           physically, to stop such IMPORTING. Note,
           that EXPORTING is under heavy fire from
           both of them (:-).


|> As for the argument that some make that "you" will probably neither get
|> caught nor prosecuted for this illegality, the ethics of that position
|> are open to the most serious questions (assuming my understanding
|> of the underlying situation is accurate).

Well, ethics of paying nothing for RIPEM and for paying nothing
for PGP?  OK, maybe my sensitivity is down... (:-)

Or is the all idea PKP has - to dangle the RIPEM carrot in front
of our noses, to let us all appreciate the advantages of secure
mail - and then to revoke RSAREF license? To say: "OK folks,
now we'd like to get some nominal fee for our generosity."

|> Finally, given my understanding, the notion that if it's uploaded all
|> over the place, what can "they" do seems to betray a lack of both
|> realism and ethics. Try the argument that if lots of people take
|> cocaine, what can "they" do?  to see this.

First -  let's not compare apples and oranges here, OK?  Emotions
are good, as long as they're under control (:-). 

Second - there are some laws which people constantly break 
(how about speed limit for one?) and even sort of
"safe zone" is established: if you violate 
speed by no more than N miles per hour - 
they won't bother you. And yes, 95%
of all the drivers I see on the
road (including myself :-) do
break this law. Not much
of consciousness (:-).

|> The proposal to produce a de novo version here in the U.S., based on
|> the IDEA algorithm (if published and the IDEA folks permit it), and
|> RSAREF (assuming RSA will license RSAREF for PGP), in contrast seems
|> both ethical and legal, if I understand this correctly.

PKP will never license anything for PGP. But:
        a) if PKP revises their RSAREF license;
        b) IDEA implementation is written somewhere here
           (not a big deal, I warrant you :-).
then PGP with those add-on pieces will be perfectly legal.

|> Just a passing point on the latter paragraph--people shouldn't count
|> their RSAREFs 'til they're hatched. RSA still owns RSAREF, and though
|> they've licensed it, with a specific associated agreement, for ripem,
|> that doesn't mean they HAVE to license it for a future PGP. Whoever is
|> doing this "legal PGP" project should check with Jim Bidzos of RSA
|> at their earliest opportunity (jim@rsa.com).

Well, I did and he said lots of nice things in his e-mail, including
his promise to send the copy of their revised license to me and to
post it to the Net on first Tuesday after Thanksgiving. Well, if 
you saw that revised license - you saw more than I (:-).
Therefore I'd not bet on anything related to PKP.
Including future availability of RSAREF for 
free for non-commercial users.

|> My own position is
|> that if one thinks a law or situation is incorrect, one moves to get
|> it changed, if possible. One does not take the law into one's own
|> hands. One particularly doesn't take innocent bystanders down with
|> one.

Any comments in relation between this statement and the law of speed
limit?    [It appears to me, that everybody thinks this law is 
just not there :-]
Uri.            uri@watson.ibm.com


Newsgroups: sci.crypt,alt.security.pgp
From: pmetzger@snark.shearson.com (Perry E. Metzger)
Subject: Re: PKP/RSA comments on PGP legality
Date: Tue, 15 Dec 1992 01:33:27 GMT

strnlght@netcom.com (David Sternlight) writes:
>Bill Stewart argues that the IDEA algorithm isn't covered by the
>Munitions Act provisions. Though I hope he's right, I'm not so
>sure. I think the Munitions Act covers cryptographic methods.

This can't be the case. I can travel to Europe, learn about IDEA, then
come to the US and hold a public speech on how the algorithm works. In
order to prohibit the "importation of cryptographic algorithms", as
opposed to cryptographic implementations, it would be necessary to
forever ban anyone who learned about any cryptographic system abroad
from ever reentering the US because having legitimately learned of the
system abroad no US law could prevent him from describing the system
to others, given that the first amendment would prohibit such a
restraint on speech.

It is, in fact, impossible to prohibit the export of unclassified
cryptographic algorithms (but not unclassified cryptographic software)
for exactly the same reason -- it would be necessary to prohibit
anyone who had ever read the DES specs, say, from leaving the US
without a license.

As we all know that the distinction between an algorithm and an
implementation in actual software is just a matter of effort that
educated programmers around the world can readily accomplish, it is
easily seen why the entire notion of export/import controls on
cryptography is idiotic. However, idiocy has never stopped the
government in the past, so there is little expectation it will stop it
in the future.
Perry Metzger           pmetzger@shearson.com
"They can have my RSA key when they pry it from my cold dead fingers."


Newsgroups: sci.crypt,alt.security.pgp
From: hmiller@lucpul.it.luc.edu (Hugh Miller)
Subject: Re: PKP/RSA comments on PGP legality
Date: Tue, 15 Dec 1992 05:29:00 GMT

    Mr. Bidzos gives the appearance of being a very effective lawyer,
representing the interests of his company, RSADSI/PKP, well.
    Consider the post via Carl Ellison.  By not making it under his own
name, but under Carl's headers, he achieves a double purpose.  First, he
veils his threat.  A veiled threat, of course, works better than a naked
one, since it leaves a greater measure of uncertainty in the mind of
potential end-users.  And, after all, that is one of the principal aims
of the posting: to scare off potential end-users of PGP, currently the
world's most popular public-key encryption program.  Second, he presents
the spectacle to the Net of an intimidated potential end-user, to wit,
Carl.  This is also psychologically quite effective, as we in the
Internet community have the tendency to identify with Carl, being like
him.  There has been a rush of postings on alt.security.pgp lately
urging the dropping of PGP for RIPEM.  How very convenient.  Success, so
    The issuance of credible and effective threats constitutes a large part
of the work of a lawyer.  Threats are much less expensive than actual
lawsuits, and less risky (one can lose a lawsuit; one cannot `lose' a
threat).  It is a cardinal rule of actual legal practice that one should
postpone as long as possible going to court over a situation which is
already favorable to you _in re_.  Mr. Bidzos's company makes a modest
income from the (few) licenses it has issued to software developers, and
it wouldn't be prudent, as they say, for him to risk going to court and
subjecting the RSA patent (and his investors' capital) to the glaring
light of a public trial, when he can achieve his ends by intimidation
and innuendo.  But this does not mean that we, the readers and targets
of his threats, need to take them at face value.
    Mr. Bidzos claims that we should avoid using PGP because it is
"tainted by serious ITAR violations."  If it has fallen to the likes of
Mr. Bidzos to prosecute PGP developers, distributors, and users under
the ITAR, then the Reagan Revolution's privatization-of-government
schemes have gone farther than we thought.  Mr. Bidzos does _not_ speak
for the federal government, although he may well have been speaking _to_
that government's agents about PGP.  Some branch or other of the federal
government may well be bothered by the existence of PGP, but it would be
unlikely that any prosecution would be mounted by a federal agency
without a prolonged consideration of the political risks this would
involve.  The Feds are still smarting over the Phasorphone and DES
debacles, not to mention NSA's failed attempt to wangle control of
crypto funding from the NSF, and the current bad publicity over the
FBI's "digital telephony" scheme.  I hardly think they would be eager to
climb back into that saddle just yet, knowing the public outcry that
would greet such an attempt.
    As to Mr. Bidzos's claim that by simply posting PGP on a BBS, "you
have exported it," this is laughably absurd.  There are literally
hundreds of "data security" programs floating around the Internet and
the BBS world.  Some employ DES; some their own `miracle' proprietary
schemes.  All are examples of "privacy devices, cryptographic devices
and software (encoding and decoding), and components specifically
designed or modified therefore."  For all the years these little
file-scramblers have been making it into the public domain, Mr. Bidzos
has managed to keep his zeal for the law in check. But ah, all of a
sudden up pops a public-key cryptosystem with source code supplied and
he is filled with patriotic elan.
    Is Mr. Bidzos actually trying to goad the federal government into
launching some kind of major criminal prosecution against everyone who
has had a hand in the development or distribution of PGP?  ITAR statutes
are criminal statutes; if you're convicted under them, you're looking at
hard time in Leavenworth.  Is he seriously advocating prison sentences
for these persons, or for end-users of PGP? Is such a position really in
the best interests of his company, from any standpoint, since he is
actively promoting the same technology himself? If such a prosecution
actually were to go forward, cryptography in general would suffer, and
RSADSI/PKP along with it.
    But what about the protection of the patent rights held by Mr.
Bidzos's company -- which it is his true and only aim to protect, ITAR
burblings being a side issue?  What, then, are we to do, if we wish to
avail ourselves of the powerful asymmetric cryptosystems which,
RSADSI/PKP claims, are all covered by their patent?  It appears that we
cannot just go to the library, Xerox up Rivest, Shamir, and Adleman's "A
method for obtaining digital signatures and public key cryptosystems"
(CACM 21(2), 120-6, Feb. 1978), and devote a few hundred hours to
banging up a C implementation.  The RSA algorithm is covered by a
patent, #4,405,829 (issued 20 Sept. 1983).  RSADSI/PKP is the sole
assignee of the patent, held by MIT.  They also have acquired the rights
to three other PK systems and are apparently claiming patent rights to
the very idea of public-key cryptography, which, unless I read the
literature wrong, was first published by Whit Diffie and Martin Hellman
("New directions in cryptography," IEEE Trans. Info. Theory, IT22,
644-54, Nov. 1976).
    Mr. Bidzos advocates adoption of "a program, including source code,
called RSAREF," from RSADSI.  Yet RSAREF is, to my knowledge, not a
complete program, but a set of subroutines which do a specific, limited,
and inflexible number of mathematical operations on given input data.
It is by no means a full program, and it would require a great deal of
work to build it up into one.  (I have never seen any "rsaref" compiled
object code for any machine, any platform; only source code.  And it is
my understanding that we would not even have RSAREF in the public domain
had it not been crowbarred out of RSADSI/PKP by the terms of one of
their federal grants. So RSAREF represents an algorithm for which we, the
taxpayers, have paid _twice_.  Mr. Bidzos claims that it is being
offered for "free.")  Even if one were to build a PK system upon RSAREF,
it would lack much of the flexibility and functionality of PGP, which
utilizes quite different data structures for its keys, key certificates,
keyrings, etc. etc. RIPEM, built upon RSAREF, from the beta version I
have seen (and which I downloaded by anonymous ftp from scss3.cl.msu.edu
two weeks ago, before the ftp archive there was closed to anon-ftp
access), is a slower program with fewer options and much less
functionality than PGP, especially on a non-Unix platform.  It keeps
both the plaintext and encrypted text in memory together, and thus
imposes limitations on many end-users with small memory allocations.
Unlike PGP, it cannot do symmetric (private-key) encryption.  It lacks
the ability to sign public keys.  It relies heavily upon a centralized key
distribution authority (although it can be used without such), which PGP
does not.  For its single-key cipher it utilizes, ahem, DES.  Unlike
PGP, there is no current version for Macintosh and compatible computers.
And the docs for 4.2(beta) indicate that even its own author, Mark
Riordan, is unsure that "the current RSAREF license allows free personal
use of RIPEM by citizens of the United States and Canada."  He _thinks_
it does. "However," he notes, "this personal interpretation has no legal
standing, and RIPEM users are urged to read the RSAREF license agreement
themselves."  And Mr. Bidzos would like us to be reassured by this?
    Mr. Bidzos urges us to avail ourselves of MailSafe, RSADSI's
proprietary end-user package (for Mess-DOS environments).  Apparently
MailSafe is obtainable only by direct mail order from RSADSI.  A call
this morning to the biggest local retailer of PC hardware and software
in Chicago, Elek-Tek, revealed that they had never heard of MailSafe,
and none of their distributors carries it.  The same with CompUSA, in
Skokie.  A call to Egghead Software, one of the biggest national chain
software retail dealerships, revealed that they had never heard of
MailSafe, and none of their distributors carries it.  One could go on
and on.  This is hardly the aggressive marketing one would expect from a
firm with a lock on a patent of critical importance to Americans in the
Information Age.  Albert Einstein worked in a patent office, but it
never occurred to him to patent the theory of special relativity.  If he
had, and had assigned the patent to Bidzos & co., the world's first
cyclotron would still be nothing but drawings in a grant proposal.
    Mr. Bidzos and his co-workers at RSADSI/PKP may feel that, at some
point, they must go to court to protect the patents they claim.  But as
prudent lawyers they must not relish the prospect.  They risk a lot: not
just the patent(s), but the immensely bad publicity they would get from
such an action.  Any victory they would win would be Pyrrhic, given the
immense fund of ill-will towards the issue of algorithmic patents
generally and these ones in particular evident in the computing
community.  The ACM recently adopted a code of ethics which includes
among its "General Moral Imperatives" the stipulations that, "As an ACM
member I will... 1.5 Honor property rights including copyrights and
patents, ... 1.6 Give proper credit for intellectual property."  These
stipulations are already generating heat among ACM members.
(Ironically, "General Moral Imperative" # 1.7 obliges ACM members to
"Respect the privacy of others.")  I cannot believe that RSADSI/PKP
would think it worth their while to pursue a suit like this against a
freeware product produced by a worldwide group of relatively penniless
but widely admired computer professionals.
    In the Information Age, in which we have been living for a long time
now, innovations like PK cryptosystems and David Chaum's untraceable-
transactions techniques will become crucial to the protection of our
rapidly diminishing privacy.  They afford end-users the ability to take
effective control of the security of their communications and of the
availability of information about them, without having to trust to the
benignity of government agencies.  In this new world, they ought to be
freely and widely available.  To bar their use, or the dissemination of
knowledge concerning them, would be to deprive citizens of effective
means of preserving their own privacy.  Privacy means nothing if
effective means to preserve it are lacking.
    Consequently, I for one am not afraid to stand up and be counted as
a supporter of the fine work of the PGP development team, and especially
of Phil Zimmermann, who got the ball rolling with version 1.0.  The
program currently has far more users and admirers than any other
public-key encryption system, and for good reason.  It is an elegant
piece of work, made more elegant with each revision.  Nor am I afraid to
put myself on record as a principled opponent of the RSA patent (and of
algorithm/software patents generally), and as an opponent of the
regulation by the government of cryptographic import/export/use in any
form.  If my doing so creates any legal exposure for me, then that is a
risk I am prepared to take for the sake of the proverbial `eternal
vigilance.'  If it actually ends up costing me or other like-minded
American citizens, then, in my view, this country's Constitution will
have suffered yet another humiliating debasement.

    Hugh Miller
    Department of Philosophy
    Loyola University Chicago
    Moderator, Info-PGP Digest
Hugh Miller         | Dept. of Philosophy | Loyola University of Chicago
Voice: 312-508-2727 |  FAX: 312-508-2292  |    hmiller@lucpul.it.luc.edu

***** End Info-PGP Digest *****
