Info-PGP: PGP Digest   Wednesday 16 December 1992   Volume 2 : Number 5

Hugh Miller, List Manager / Moderator

Info-PGP is a digested mailing list dedicated to discussion of Philip Zimmermann's `Pretty Good Privacy' (PGP) public-key encryption program for MS-DOS, Unix, VMS, Atari, Amiga, SPARC, Macintosh, and (hopefully) other operating systems. It is primarily intended for users on Internet sites without access to the `alt.security.pgp' newsgroup. Most submissions to alt.security.pgp will be saved to Info-PGP, as well as occasional relevant articles from sci.crypt or other newsgroups. Info-PGP will also contain mailings directed to the list address.

To SUBSCRIBE to Info-PGP, please send a (polite) note to info-pgp-request@lucpul.it.luc.edu. This is not a mailserver; there is a human being on the other end, and bodiless messages with "Subject:" lines reading "SUBSCRIBE INFO-PGP" will be ignored until the sender develops manners. To SUBMIT material for posting to Info-PGP, please mail to info-pgp@lucpul.it.luc.edu. In both cases, PLEASE include your name and Internet "From:" address. Submissions will be posted pretty well as received, although the list maintainer / moderator reserves the right to omit redundant messages, trim bloated headers & .sigs, and other such minor piffle. I will not be able to acknowledge submissions, nor, I regret, will I be able to pass posts on to alt.security.pgp for those whose sites lack access.

Due to U.S. export restrictions on cryptographic software, I regret that I cannot include postings containing actual source code (or compiled binaries) of same. For the time being at least I am including patches under the same ukase. I regret having to do this, but the law, howbeit unjust, is the law. If a European reader would like to handle that end of things, perhaps run an "Info-PGP-Code" digest or somesuch, maybe this little problem could be worked around.
I have received a promise of some space on an anonymous-ftp'able Internet site for back issues of Info-PGP Digest. Full details as soon as they firm up.

Oh, yes: ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; STANDARD DISCLAIMERS APPLY.

Hugh Miller | Asst. Prof. of Philosophy | Loyola University Chicago
FAX: 312-508-2292 | Voice: 312-508-2727 | hmiller@lucpul.it.luc.edu
Signed PGP v.2.1 public key certificate available by e-mail & finger(1)

=-=-=-=-=-=

Newsgroups: sci.crypt,alt.security.pgp
From: strnlght@netcom.com (David Sternlight)
Subject: Re: PKP/RSA comments on PGP legality
Date: Tue, 15 Dec 1992 11:08:14 GMT

Hugh Miller's article is filled with so many inaccuracies it's hard to know where to start, so I'll treat only a few; the remainder is left to others as it's pretty late at night. I'm going to digest, since the message is so long.

The first part consists of a massive imputation of motives to Jim Bidzos simply because he gave Carl Ellison some information. As it happens, he gave the same information to me and others. Miller's analysis reads like a paranoid piece of thinking to me.

He next finds the advocacy of ripem (which is legal) rather than PGP (which is not, in the U.S.) sinister. More paranoia?

He then decides to interpret Bidzos' comments as "threats" instead of statements of fact about Bidzos' interpretation of the PKP patents and the Munitions Act. I must tell Miller, who appears to be winging it without checking the Act, that Bidzos' message to me contained extensive quotations from the Munitions Act which make it absolutely clear to me that Bidzos is accurate and so is Ellison's summary.

Miller then enlightens us on what lawyers do. Is Miller an attorney, or is this more imputation of motives for something Miller doesn't like?

Next Miller reports on RSA's income and number of licenses. Is Miller making this up, too, or has he some hard data?
According to what Bidzos tells me there are a large number of licenses out there, including Lotus Notes and several other major applications, future IBM and Apple software, etc.

Then Miller characterizes as "intimidation and innuendo" what I would characterize as "fair warning." He leaps from Bidzos mentioning that PKP in the U.S. is an ITAR violation (Bidzos provided detailed Munitions Act quotes in his message to me which convinces me he's right), to Bidzos prosecuting developers under the ITAR. That's a totally false statement.

Miller then decides to use this as a way to vamp to his obvious dislike of the Reagan Administration. Has no one told Miller that Bush is President, and soon Clinton?

Next we have a superb analysis of why the government won't prosecute anyway (because they're embarrassed by a few other incidents) which simply takes the breath away, and is likely to go down in legal annals. I'd hate to be a D.A. taking instructions from Miller.

Miller then moves to an attempt to argue that one may, with impunity, post export-prohibited materials to a bulletin board which foreigners have access to. His arguments at this point have become pathetic in his eagerness to make himself right and RSA wrong. He'd better talk to a few software companies which sell export controlled materials, to see what safeguards are, in fact, required.

Then follows some more bad-mouthing of Bidzos.

This is followed by contradictory statements (and wrong ones) about RSAREF. First we hear that he's never seen any RSAREF compiled object code. A few sentences later we read that it's compiled into the ripem beta. Then we hear that the ripem beta isn't available on many platforms (false).

Well, there's lots more but I've run out of steam. Apologies for the length of this, which matches paragraph for paragraph with Miller's post--to include that post would have made this message unconscionably longer.
Finally, I'm appalled that someone with the logical and factual deficiencies represented in Miller's message is the moderator of the PGP list. I can well imagine what goes on there.

David

=-=-=-=-=-=

Newsgroups: alt.security.pgp
From: hmiller@lucpul.it.luc.edu (Hugh Miller)
Subject: PAX - Public Access Unix - Anonymous Posting Service
Date: Tue, 15 Dec 1992 08:39:53 GMT

Here's the file you can get by sending an empty message to anon.info@pax.tpa.com.au.

PAX - Public Access Unix (Adelaide,South Australia) - Anonymous Posting Host
============================================================================
Last modified: Fri Nov 20 18:55:52 CST 1992

Information about Anonymous & Privacy-Enhanced Posting.
=======================================================

PAX is conducting research into the viability of anonymous privacy-enhanced mail as a means of providing practical, secure and confidential electronic mail and news. An experimental server has been set up and you are encouraged to use it.

There are many anonymous posting services in existence which provide anonymous electronic mail and posting to specific newsgroups where posting is sometimes harmful to one's health or reputation ! Such services allow you to:

- post anonymously to those news groups
- reply anonymously to posts by email
- converse anonymously with another anonymous user, neither of you knowing your real identities

Privacy-enhanced electronic mail refers to the concept of encrypting one's mail prior to sending it off into the ether, presumably to someone at the other end capable of decrypting it. If one uses a so-called "public key" method of encryption, then one can make one's "public" key widely known so that anyone can encrypt mail to you, but only you can decrypt it using your "secret" key.
There is much development going on in this area, but one quite popular public-domain implementation is Philip Zimmermann's "Pretty Good Privacy 2.0" which makes use of a number of cryptographic methods including the RSA algorithm in places (See Legal Issues later on). PGP allows you to:

- exchange public keys with another individual
- encode messages to them that only they can read
- receive messages from them that only you can read

These tools are all very well for the specific purposes for which they were designed, but unfortunately your anonymous message or post is not actually anonymous until it gets to the machine that hosts the service. Anyone in between, including your own administrators, can in theory read your post, even though they won't know to whom it is directed. What is more they can also read replies addressed back to you. This can be highly embarrassing at best, and result in dismissal or disconnection at worst if your thoughts, beliefs or activities are disapproved of by the powers that be, even if they are perfectly legal.

PAX's privacy-enhanced anonymous services were conceived in the belief that free speech and privacy are fundamental rights and that it is high time the networks to which we are connected provided such services on a routine basis. Seeing as they don't we have to make a start somewhere.
This service provides:

- conventional anonymous mailing and posting services via a "normal" alias assigned in the usual fashion
- the ability to post to ANY newsgroup that is carried out of PAX (which includes most non-regional groups)
- PGP 2.0 based privacy-enhanced mail & posting, including:
  - ability to register your "public" key with PAX, so that PAX can send encrypted messages to you
  - local generation of a unique public key which is sent to you, so that you can send encrypted messages to PAX
  - any encoded messages from you mailed to a user or newsgroup are decrypted at PAX before being passed on in anonymous form
  - any anonymous replies to your "pgp" alias are encrypted before being mailed to you

For example, once you have obtained your PGP 2.0 software (as described later) and got it going, and once you have generated and registered your public key and received PAX's key in response, you will be able to post to any newsgroup without anyone beyond your machine having access to the plaintext of your post.

Furthermore, if another user has registered in the same manner, and you know their anonymous alias or are responding to one of their anonymous posts, even though you don't know who they are and haven't exchanged keys to communicate directly, the PAX service will automatically decrypt any encrypted messages from you and re-encrypt them before passing them on to the other person !

How to use it.
==============

All transactions are handled by email, and commands are selected by the name of the alias to which you mail, not by the subject or body of the message (which are ignored unless sending or posting a message). The separator between the "anon" and the command is a dot (period,'.') and nothing else will work ! Not '-', not '_', not ":", only a dot.

The site to address mail is "pax.tpa.com.au". If this fails for some reason, you may need to address it to the specific host (at present) ie. "flash.pax.tpa.com.au".

"Normal" (unencrypted) commands:

- To get information (this message):

      mail anon.info@pax.tpa.com.au

- To see what your "normal" alias is, or get one:

      mail anon.ping@pax.tpa.com.au

- To send a reply to another anonymous user:

      mail anon.###@pax.tpa.com.au

  NB:
  - eg. mail anon.36@pax.tpa.com.au
  - don't be creative ... anon.036 won't work
  - an attempt is made to strip off signature lines by discarding everything after a line starting with "--" or "__"

- To send a post to a newsgroup:

      mail anon.post.groupname@pax.tpa.com.au

  NB:
  - eg. "mail anon.post.talk.abortion" will send a post to "talk.abortion"
  - only the Subject field from your post is used, the rest of the header is discarded
  - the newsgroup is selected by the alias; Newsgroup header fields are discarded; hence cross-posting isn't feasible
  - signatures are stripped as above

"PGP" (encryption) commands:

- To register your public key with PAX: (ABSOLUTELY NECESSARY)

      mail anon.key@pax.tpa.com.au

  NB:
  - first you have to install pgp and make a key, then send it in an "anon.key" command
  - the body of the message MUST contain an ascii encoded public key generated by PGP V2.0. You may use your regular public key that you give to other people if you wish. The user ID name must be unlikely to conflict with one PAX already has, so use your full name, or include your email address or something. If you want you can use a unique key just for PAX - it makes no difference. If PAX already has a key of the same user-id it will reject yours. Note that this means that you need different key user-id's on different machines (or mail addresses anyway).

      # makes new keys & adds to your "keyring"
      pgp -kg
      Enter a user ID for your public key: First M. Last of somefirm

      # extract key in ascii form suitable for a message body
      pgp -kxa "First M. Last of somefirm" savedfile pubring

      # send it to PAX
      mail anon.key@pax.tpa.com.au <savedfile.asc

  - PAX will respond by sending you a new alias number and a public key to add to your keyring to use to encrypt messages to PAX. It will have a user ID name of "paxanon.publickey" and you should add it to your public key ring by saving the message in a file and presenting it as follows:

      pgp -ka savedfile

    Your life will be easier in future if you reply yes to the certify question.
  - Note that now you may have two aliases, that sent in response to the anon.key command and that sent in response to the anon.ping command or previous unencrypted replies or posts. Any subsequent replies or posts that you encrypt before sending will be seen to others as having come from the new alias, and replies will be encrypted before being passed on to you. Any plaintext messages you send will appear to have come from the original alias and responses will also come back in plaintext.

- Sending encrypted posts and replies.

  There are no other commands. If you encrypt a message and send it using the "anon.reply" and "anon.post" groups, the software will detect that they are encrypted, select the appropriate alias as a return address, decrypt the message, and mail or post it. You should use PGP 2.0 to encrypt messages sent to PAX, using the public key that PAX sent to you.

  DON'T FORGET TO SIGN your message using the secret key corresponding to the public key that you sent to PAX !!! Unsigned messages will be rejected to ensure that the message is really from you and not someone pretending to be you using your account or mailpath. Eg.:

      # sign and encrypt message for mailing to pax.
      pgp -east message "paxanon.publickey" -u "First M. Last of somefirm"
      mail -s "A test post" anon.post.alt.test <message.asc

  Note the -a (armor) and -t (text) options. Note also the subject flag to mail - PAX will whinge if you post something without a subject.
Similarly, all messages to you will be signed using PAX's secret key corresponding to the public key PAX sent to you, hence you will know if the message really came from PAX and not someone else using your public key.

***** NB. The ENTIRE encrypted segment will be passed on after it has been decrypted. There is no processing of any contained header (though it won't work as a header), nor any removal of signature information within the encrypted text. Take great care to ensure that there is no identifying information within the encrypted text. *****

Any plain text accompanying the encrypted text will be discarded. The Subject header field is still passed on during postings as with "normal" unencrypted posts. More work may be done on these "features" if there is sufficient demand for it :).

Miscellaneous administrative commands:

- To see the current status of the system (message of the day):

      mail anon.status@pax.tpa.com.au

- To send mail to a human administrator:

      mail anon.admin@pax.tpa.com.au

Mailing List
============

To send mail to/join/unjoin a mailing list about this service, and anonymous services in general:

      mail anon.list@pax.tpa.com.au
      mail anon.subscribe@pax.tpa.com.au
      mail anon.unsubscribe@pax.tpa.com.au

How secure is it ?
==================

Not bad. Clearly it depends on the security of the underlying PGP 2.0 software which is discussed at length in its documentation.

The keys are stored, and the messages encrypted and decrypted on a server which also hosts a Public Access Unix system. These files are protected by the usual Unix security mechanisms, but in the event of a security breach could conceivably become visible. The keys would hence be compromised and any messages passing through could be decrypted. The PAX administration could theoretically access the keys and files at will of course. It is hard to conceive of an alternative implementation which links anonymity with privacy enhancement however.
This is no substitute for a direct person to person link with certified keys and this service should not be used as a substitute for such if security is a primary concern.

Legal Issues.
=============

PGP 2.0's use of the RSA algorithm is a problem in the US where a patent is now held on the algorithm, despite its widespread promulgation before the patent was obtained. The PGP documentation discusses this issue at length.

Sufficeth to say, this service is provided by a site in Australia and hence should not be subject to the constraints imposed by the US patent. The service is offered to anyone who can reach this site by mail, in addition to PAX's own users, and there is no intention of obtaining any commercial gain by providing the privacy-enhanced anonymous service.

Whether individuals in the US can legally use the PGP software to use the service provided by PAX for their own personal use, without first obtaining a license to use the RSA algorithm is an untested issue. Certainly the software is widely available even though it is now maintained outside the US. No such concerns should apply anywhere other than the US.

This project is an experiment to see if the concept is feasible and if there is any demand for it. The software is crude, but functional, but it is quite possible that it will fail in unforeseen circumstances. It is designed to lose or fail to pass on a message rather than post or return plaintext (which would be very undesirable) but there can be no guarantees. It is conceivable that plaintext might get sent where it was not intended, and PAX assumes no responsibility for the consequences. At least this would be no worse than the situation that prevails with current anonymous services.

THIS IS EXPERIMENTAL SOFTWARE IN A STATE OF FLUX - YOU HAVE BEEN WARNED.
END OF FILE

- --
** Anonymity & Privacy by PAX - Public Access Unix (Adelaide,South Australia) **
anon.admin@pax.tpa.com.au (a human)
anon.info@pax.tpa.com.au (for help)
anon.ping@pax.tpa.com.au (get alias)
anon.key@pax.tpa.com.au (register key)
anon.###@pax.tpa.com.au (reply)
anon.post.g@pax.tpa.com.au (post to g)
anon.list@pax.tpa.com.au (to mailing list)
anon.subscribe@pax.tpa.com.au
anon.unsubscribe@pax.tpa.com.au
For dialup Unix access phone +61-8-235-9010 - online registration.

=-=-=-=-=-=

From: Harry Bush <harry@castle.riga.lv>
Subject: pgp21 available in Baltics
Date: Mon, 14 Dec 1992 10:09:08 +0300

Hi!

Now both pgp21.zip (executables, docs) and pgp21src.zip (sources) are available for FIDO file requests (FREQ) from PGP Supporting Sites in Latvia Info-Shelter 2:495/28 and Castle 2:495/21.

PGP21.ZIP     187758  Pretty Good Privacy 2.1 Execs and Docs
PGP21SRC.ZIP  436302  Pretty Good Privacy 2.1 Sources

Since there is great interest in new PGP 2.1, please use fast modems if possible (16800 baud preferable :-) But, seriously speaking, nobody will be rejected. According to our experience, calls from non-xUSSR countries are much easier in night time.

I would like to ask people who make PGP 2.1 varieties for different hardware platforms (Macintosh, Amiga,...) and different languages (Language Kits) to upload them directly to 2:495/28 or send as signed PGP-ed ASCII messages to Harry@castle.riga.lv. Please don't forget to sign the kit.
Best wishes,
Harry
Monday December 14 1992 04:17

--- Golded 2.40.P0720+ via D'Bridge 1.50
 * Origin: Harry Bush, Harry@castle.riga.lv (2:495/28)

=-=-=-=-=-=

Newsgroups: sci.crypt,alt.security.pgp
From: res@colnet.cmhnet.org (Rob Stampfli)
Subject: Re: PKP/RSA comments on PGP legality
Date: Tue, 15 Dec 1992 05:31:35 GMT

In article <1992Dec14.014118.11612@netcom.com> strnlght@netcom.com (David Sternlight) writes:
>
>Bill Stewart corrects my understanding of PGP and IDEA (thanks), which
>suggests that troubles for possession and/or use of PGP2.x in the U.S.
>can also come from the Munitions Act since PGP is based on an import
>of the IDEA implementation, rather than domestic coding of the IDEA
>algorithm.
>
>If my understanding is now accurate that PGP2.x violates both the
>Munitions Act and PKP's patents, and that this violation is occasioned
>not just by use but also by possession in the U.S., then it would seem
>prudent to get it off one's U.S. computers and any U.S. net
>sites--Internet, Usenet, Fidonet, anynet. Presence on a bulletin board
>system may be just what someone needs to close down that system.

I am still not convinced, from what I have read in this forum, that the mere possession of PGP is prima facie evidence that one has personally violated the Munitions Act. The code has been readily available on a number of local (internal to US) machines. There are many things that may not be individually imported (at least very easily), but which are legal to possess in this country. I do agree with you that by making the program available indiscriminately, you may potentially become liable for violation of the (in my mind neanderthal) export provisions of the Munitions Act.

>For completeness and to acknowledge a particular position (with which
>I disagree), some feel that it's absurd to prevent use of something
>here that's widespread in Europe, and are willing to take a chance in
>order to press that.

I do not understand what you disagree with.
Do you disagree with those who feel that crypto software that is available to the rest of the world should be available to Americans, or do you disagree with the taking of chances to potentially arrive at those ends?

>My own position is
>that if one thinks a law or situation is incorrect, one moves to get
>it changed, if possible. One does not take the law into one's own
>hands.

Actually, as I understand the legal system in the US, there are two avenues by which law may be changed. You can petition for legislative action, or you can take your case into the courts. Now, courts generally don't rule on speculative issues -- they usually demand a bona fide case on which to judge. Hence, you very much have to take the law into your own hands -- someone has to become the proverbial guinea pig. This is exactly what happened with the RU-whatever case involving the French abortion pill. A woman shows up at customs with the pills, after informing them of the fact beforehand, customs arrests her for possession, and the case is in the courts.

In this case, if someone is of a mind, they could preselect to get into the courts in a civil or criminal capacity. If you want a civil suit, petition the government to let you import the code, and if they refuse, you have the grounds for civil litigation. You could even raise money and make it a class action suit. If you desire a criminal suit, inform the government that you intend to import the code -- tell them how and when, and mention that you are interested in making this a test case -- and let them decide to either ignore it or charge you with a criminal violation.

Now, I am not financially independent, nor do I possess the time and inclination to pursue either of these approaches. I do consider them to be rational and ethical methods of seeking redress from an unpopular law.

--
Rob Stampfli  rob@colnet.cmhnet.org      The neat thing about standards:
614-864-9377  HAM RADIO: kd8wk@n8jyv.oh  There are so many to choose from.
=-=-=-=-=-=

From: woody@cs.utexas.edu (James Woodgate)
Newsgroups: sci.crypt,alt.security.pgp
Subject: Re: PKP/RSA comments on PGP legality
Date: 15 Dec 1992 15:52:31 -0600

In article <1galtnINNhn5@transfer.stratus.com> cme@ellisun.sw.stratus.com (Carl Ellison) writes:

[stuff deleted]

>
>NOTE: The pgp documentation states that PKP acquired the patent rights
>to RSA "... which was developed with your tax dollars..." This is very
>misleading. U.S. tax dollars only partially funded researchers at MIT
>who developed RSA. The U.S. government itself received royalty-free
>use in return. This is standard practice whenever the government
>provides financial assistance. The patents on public-key are no
>different and were handled no differently than any others developed at
>universities with partial government funding. In fact, almost every
>patent granted to a major university includes government support,
>returns royalty-free rights to the government, and is then licensed
>commercially by the universities to private parties.
>

So taxpayers pay for research, if it doesn't amount to anything, they just lose the money. If it does amount to anything, they get to pay twice, once for the research, and then again when someone gets an exclusive patent by the University and charges licensing fees. If the government gets royalty-free use, then so should the people who put up the money in the first place, US taxpayers...

BTW-The January issue of Popular Science has an article on encryption. It states:

"The computer industry would like NIST to adopt the RSA technology, but that isn't likely to happen. One reason: If the privately developed technology becomes a standard, the government will have to pay royalties for its use."

--
-----------------------------------------------------------------
Linux Rules!
woody@cs.utexas.edu     pgp key available -> finger woody@cs
-----------------------------------------------------------------

=-=-=-=-=-=

Newsgroups: sci.crypt,alt.security.pgp
From: stevens@vms.macc.wisc.edu (PAul STevens - MACC - 2-9618)
Subject: Re: PKP/RSA comments on PGP legality
Date: 15 DEC 92 14:01:19

In article <1992Dec14.204408.6485@news.cs.indiana.edu>, Marc VanHeyningen <mvanheyn@whale.cs.indiana writes...
>Whoever goes to court to test the patent claim had better darn well have
>the resources and circumstances to mount a strong defense or else he'll
>just get creamed and a precedent will be set in favor of PKP. It's not
>something for some random doofus to challenge without significant
>backing and knowledge. Making a frivolous violation and losing in court
>does not help your cause; quite the contrary.
>

-----BEGIN PGP SIGNED MESSAGE-----

~From: stevens@vms.macc.wisc.edu (PAul STevens - MACC - 2-9618)
~Newsgroups: sci.crypt,alt.security.pgp
~Subject: Re: PKP/RSA comments on PGP legality
~Date: 15 DEC 92 12:17:07
Organization: University of Wisconsin Academic Computing Center

In article <1992Dec14.204408.6485@news.cs.indiana.edu>, Marc VanHeyningen <mvanheyn@whale.cs.indiana writes...
>Whoever goes to court to test the patent claim had better darn well have
>the resources and circumstances to mount a strong defense or else he'll
>just get creamed and a precedent will be set in favor of PKP. It's not
>something for some random doofus to challenge without significant
>backing and knowledge. Making a frivolous violation and losing in court
>does not help your cause; quite the contrary.

I can tell I got your dander up. I wish we could get everyone's dander up. And by implying that I am a random doofus, you have come close to getting my dander up. So that is two of us...lots better than zero.

My feeling is that PKP does not have a valid patent. If it turns out that they do, then more power to them. But by standing around and doing nothing we make it valid!
Have they ever actually filed a complaint or tried this in a court? My gut feeling is that they are afraid to. They rely on our fear that they might.

Where can we find a non-random doofus with resources?

Does it help an eventual court case if PKP takes no action when violations are waved in their face? Violations are being waved every day as people discuss their use of PGP and publish their public keys. If I can be put away for computing 5**3 (mod 91) then something is amiss which I will have to learn to accept. Yet it does appear to be a violation of the patent. Maybe we should all sign our postings with PGP (to ensure that we are not being infiltrated by NSA ;-) ).

What can we **DO** except stand around like sheep and bleat? I am willing to do my part, including taking risks, in almost any agreed upon plan. I never cease to be amazed by the collective cleverness of the NET.

If everyone thinks the best strategy is to wait for the patent to expire and for our elected representatives to outlaw private cryptography then we should all quit using public keys and SHUT UP.

PAul
stevens@macc.wisc.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUAKy4lv9hquDfl/NHyAQG8oQF+L4pXlABaq6f92JpMGPf7VTDZ06BvtdJl
uzgjxTDNUDEgYqLWUDTYuLoW6dn8m+5+
=Nox8
-----END PGP SIGNATURE-----

=-=-=-=-=-=

From: cme@ellisun.sw.stratus.com (Carl Ellison)
Newsgroups: sci.crypt,alt.security.pgp
Subject: Re: PKP/RSA comments on PGP legality
Date: 15 Dec 1992 20:34:57 GMT

In article <hmiller.724397340@lucpul.it.luc.edu> hmiller@lucpul.it.luc.edu (Hugh Miller) writes:
>    Mr. Bidzos gives the appearance of being a very effective lawyer,
>representing the interests of his company, RSADSI/PKP, well.
>    Consider the post via Carl Ellison. By not making it under his own
>name, but under Carl's headers, he achieves a double purpose. First, he
>veils his threat. A veiled threat, of course, works better than a naked
>one, since it leaves a greater measure of uncertainty in the mind of
>potential end-users. And, after all, that is one of the principal aims
>of the posting: to scare off potential end-users of PGP, currently the
>world's most popular public-key encryption program. Second, he presents
>the spectacle to the Net of an intimidated potential end-user, to wit,
>Carl. This is also psychologically quite effective, as we in the
>Internet community have the tendency to identify with Carl, being like
>him. There has been a rush of postings on alt.security.pgp lately
>urging the dropping of PGP for RIPEM. How very convenient. Success, so
>far.

[etc.]

My posting was instigated by me. It was written by a group at PKP and RSA, including the corporate lawyer(s), I believe. [I tell lawyer jokes like anyone else, but do happen to have a number of lawyer friends (and one relative) so I don't write off lawyers totally. I'll listen and make up my own mind.]

I don't see what RSA and PKP wrote as a veiled threat. I believe their intentions are well known. They want to continue making money off their patent. They, like us, would probably like to see the export laws become more rational (although I don't speak for them). They have even more reason to fear those export laws than we do since their very existence depends on not being shut down. I really believe that they need to keep their noses especially clean -- so I accept the argument that possible ITAR violations by PGP are enough for them to keep their hands off.

No one at RSA used me in this posting. I had originally asked (months ago) if I could buy an individual RSA use license from them in order to make it legal for me to use PGP. I was turned down. From there, I continued the discussion and heard over several mail messages substantially what was in the posting. As I kept reading sci.crypt, I felt it was time to say something and was about to post from what I had learned in those exchanges but instead I wrote to RSA asking them if they'd like to post something. I would rather let them word it than do it all myself.
They didn't want to post directly but were willing to write something which I could post. I agreed so that's what happened.

I do not speak for RSA. I am not their employee. I do choose to honor their patent and obey the ITAR (I think/hope). [I use company computers and have been strongly advised to behave this way by my company's lawyers.]

If I were to buy a PC for myself (which I've never bothered doing because the ones I get at work are so good, and I have free use of them in my own time :-), I don't know what I would use for security. I have RSAREF. I'd probably roll my own or use RIPEM (once it's finally released). Or, I might even buy a commercial package like MailSafe -- although I believe that PGP will set the worldwide standard for mail interchange just like UNIX set standards -- and for the same reason: it's free and therefore ubiquitous.

What I use today is my own secret-key algorithm together with scripts which let me conveniently interface with Sun's Mail (or the VMS MAIL command). [I have versions for Sun, VAX VMS, Stratus VOS and soon to be MIPS. I'll probably port it to HP-UX soon. But this is just historical accident. If I were starting over today, I'd use compress|des|tran|des|tran|des and transmit the keys with RSA, using RSAREF. This would take a special modification to RSAREF, but I believe it wouldn't be hard to get.]

--Carl

-- <<Disclaimer: All opinions expressed are my own, of course.>>
-- Carl Ellison                                        cme@sw.stratus.com
-- Stratus Computer Inc.       M3-2-BKW                TEL: (508)460-2783
-- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298  FAX: (508)624-7488

=-=-=-=-=-=

Newsgroups: sci.crypt,alt.security.pgp
From: jgd@dixie.com (John De Armond)
Subject: Re: PKP/RSA comments on PGP legality
Date: Wed, 16 Dec 92 10:15:34 GMT

strnlght@netcom.com (David Sternlight) writes:
>Hugh Miller's article is filled with so many inaccuracies it's hard to
>know where to start, so I'll treat only a few; the remainder is left
>to others as it's pretty late at night. I'm going to digest, since the
>message is so long.

>He then decides to interpret Bidzos' comments as "threats" instead
>of statements of fact about Bidzos' interpretation of the PKP patents
>and the Munitions Act.

I thought Miller's arguments well thought out and pragmatic. Fact is Bidzos IS saber rattling. If he thought he had a case, he'd prosecute it and forget about the munitions act angle. Patent law gives overwhelming bias toward the holder including early injunctive relief.

Bidzos and PKP know that they are likely to lose the whole shebang if they press the case. Statistics alone play against them if my patent attorney is accurate in stating that about 75% of all patent validity challenges succeed. RSA is neither particularly novel nor unobvious to one engaged in the trade. That alone should do the trick without even delving into the legal issues involved with algorithm patents. Lastly, they stand a great chance of losing by virtue of lack of due diligence in protecting their patent. PGP has been out, what, 2-3 years? No suits yet. Appears they don't care too much.

Bidzos is trying a package deal. One part to scare those who fear a patent suit and to get the rest, he throws in a specious Munitions Act threat. Saber rattling at its finest.

John

--
John De Armond, WD4OQC               |Interested in high performance mobility?
Performance Engineering Magazine(TM) | Interested in high tech and computers?
Marietta, Ga                         | Send ur snail-mail address to
jgd@dixie.com                        | perform@dixie.com for a free sample mag
Need Usenet public Access in Atlanta?  Write Me for info on Dixie.com.

=-=-=-=-=-=

Newsgroups: sci.crypt,alt.security.pgp
From: tcmay@netcom.com (Timothy C. May)
Subject: RSA Data Security Not All Bad
Date: Tue, 15 Dec 1992 20:09:24 GMT

I thought I'd mention a few things that show RSA Data Security and Jim Bidzos (their President) to not be all bad, vis-a-vis the recent discussion of PGP and licensing of the RSA patents.
First, I'm an occasional user of both MacPGP and MailSafe (for DOS only). Second, I posted the "Trial Balloon to Ban Encryption?" piece on Prof. Denning's ideas about key registration, so I'm not exactly a shill for the national security state.

Having said this, I don't believe RSA Data Security is acting to limit the availability of their encryption products, as some have suggested. I agree that MailSafe, one of their standalone end-user products (and the closest thing they have to PGP), is not well-marketed...I had to contact them directly to buy a copy.

But Jim Bidzos was so eager to get "hackers" to use MailSafe that he made a special offer. Mr. Bidzos authorized me to announce at the Hackers Conference in 1991, a year ago, that anyone attending the conference could get MailSafe for $50, a substantial reduction from the $125 price at that time (I have no idea what the current price is). The idea was that this would nearly eliminate the complaints of those who wanted their RSA encryption for free.

(Personally, I'm opposed to software patents in general, and the patenting of the general math techniques used in RSA in particular. Patenting the kind of math used in RSA is akin to letting Trimble Navigation, for example, patent the Pythagorean Theorem just because they use it in their product. Rivest, Shamir, Adleman, Diffie, Hellman, and Merkle all deserve the fame they've gotten, but allowing a patent on a fairly simple number theory algorithm is wrong.)

Several folks at that Hackers Conference took advantage of the offer. But not enough to make it "interesting" to use (meaning, too small a critical mass of users). I used MailSafe to secure some files, but never found anyone I wanted to communicate with who also had it. I even put "RSA MailSafe public key available" in my .signature for a while, but had no takers.

This is in contrast to PGP, where about half the folks I correspond with use it, or at least have the capability to use it.
This is why PGP has become the de facto standard for "hackers" and other amateurs (meaning, non-corporate users...and maybe a few folks in corporations).

It seems to many of us that RSA Data Security is _helped_ by this situation with PGP. Yes, _helped_. Tens of thousands of users of PGP are grappling with the issues, learning the methods of RSA digital signatures and encryption, and are generally getting used to the idea of protecting their own mail and files. These PGP users are potential customers of future RSA Data Security products, either at their companies or, if priced reasonably and supported by RSA, for their own use.

Furthermore, the existence of PGP and the rapid rate at which it is evolving (the latest release, 2.1, adds significant new features) is in stark contrast to the moribund MailSafe, which apparently has not changed since 1988. RSA Data Security may not like this "competition," but it may serve to light a fire under them to upgrade their end-user products. (I suppose RSA feels compelled to do something to protect their patent position, lest it be jeopardized by their inaction.)

I haven't said anything about the various licensing deals with Lotus Notes, Apple, DEC, IBM, etc. These deals suggest RSA's technology is about to become widespread amongst corporate users, which is all to the good. (Provided there is no crippling of the security...I did hear a report that Apple's "Open Collaboration..." product may be forced to use a reduced-security version of RSA. If true, this is bad news.)

Finally, another positive word about RSA Data Security. A year ago they sponsored a wonderful one-day free conference, in Redwood Shores, CA. That conference thoroughly trashed the government's proposed "Digital Signature Standard" (DSS), and helped mobilize the backlash against it. RSA stood to gain from this repudiation of DSS, but the conference was still very useful in illuminating the main problems with DSS.
This year the conference is 2 days, January 14th and 15th. Call 415-595-8782 for details (but hurry, as I hear it is filling up fast).

Granted, they are pushing their products. But this is also a service to the overall crypto community, and for that we should be appreciative.

Just thought I'd find something nice to say about RSA Data Security.

---Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: by arrangement.

=-=-=-=-=-=

From: steppler@kaa.informatik.rwth-aachen.de (Martin Steppler)
Newsgroups: alt.security.pgp
Subject: PGP 2.1 available for Amiga
Date: 16 Dec 92 16:08:56 GMT

PGP 2.1 is available for the Amiga from:

amiga.physik.unizh.ch [130.60.80.80]
/amiga/util/crypt

Martin

--
Martin Steppler   Phone: +49-241-158579
Internet: steppler@pool.informatik.rwth-aachen.de
ADSP: steppler@cookies.egosoft.adsp.sub.org
Fido: 2:242/7.12 Martin_Steppler@mowgli.fido.de

***** End Info-PGP Digest *****