[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Tough Choices: PGP vs. RSA Data Security
> All he has to do is let us pay a licence fee for pgp.
> What's the advantage to him in asking for a different piece of code that
> uses RSAREF and DES instead of Phil's code and IDEA? I can't see it,
> except that using DES blows away the security of the program...
>
> No, I think this suggestion should be put down now, or we'll splinter
> and give them exactly the divide-and-conquer opening they're looking for.
Agreed. PGP is too much of a good thing for me to withraw my support
for it without a much more compelling reason than this. As Tim May
stated, we should be careful to see who there real enemies are here.
PGP is certainly not one of them.
I certainly do not want to be RSA Data's "enemy", but from the indications
on here that they are actively working against PGP, and are not likely to
support any similar, freely-distributable product (and that would require
a substantial length of time to develop!) PGP is currently the best, and
only, possibility. Now, if there were some program without the legal
problems that PGP has which was at least very affordable and could
reasonably be expected to gather the same widespread use that PGP already
has, ideally through complete compatibility with PGP keys, I think we
would all agree on using it.
Tim May:
> If RSA fails to take actions against sites and users, it weakens
> their legal position with respect to their patents. The government
> does not need licenses in any case, but users of Clipperphones *do*
...
Indeed.
It would be nice if PGP were universally supported, and legal. That,
as far as I can see, is its only problem. I do not see how we are
going to come up with a solution to that problem without sacrificing
much of PGP's availability and utility. If not PGP, then what? Until
there is a concrete and acceptable alternative to work towards, which
seems unlikely if RSA will not support it, we must work with what
we have.
---