[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Why not PGP?
I have a basic puzzlement about this whole war over strong crypto and key
escrow. I admit to being relatively crypto unsavvy, but with a strong (but
not avid) interest in the subject. Schneier sits on my bookshelf, and I
have cracked it a few times, but the prospect of studying it seriously
makes me feel slightly gut-sick.
I use PGP to communicate (presumably) strong-cryptoed messages to my
stepson Ray Hirschfeld in Amsterdam, and vice versa. He uses an
internationational version of PGP, and I use the domestic version that I
got from MIT. They seem to be compatible.
I don't intend to submit my present or future private PGP keys for key
escrow (Is that what's called GAK?). To protect myself against forgetting
my private key (which has happened once already) I'll no doubt some day put
it on a floppy and put the floppy in my bank safe deposit box.
Two questions:
1. Does anyone think that legislation might be passed which would
criminalize my communications with Ray?
2. Suppose someone writes a program Z that has no expicit crypto code in
it, but has hooks for installing one or another version of PGP. Given a
copy of Z, someone in this country could install PGP he got from MIT,
whereas someone in Europe could install the international version.
Would export of Z violate ITAR restrictions?
Rollo Silver / Amygdala | e-mail: [email protected]
216M N. Pueblo Rd, #107 | Website: http://www.artvark.com/artvark/
Taos, NM 87571 USA | Voice: 505-751-9601; FAX: 505-751-7507