[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: why no more RSA keys? (was Re: how to `go underground')
At 05:42 PM 6/22/97 +0100, Adam Back wrote:
>I was really quite unclear as to why the freeware one should have
>reduced functionality, and as we are finally going to get source code,
>I figured it'd be easy to rememdy this deficiency.
>
>Still, I am curious as to why this might be.
>
>One guesses it might have something to do with PGP's financial
>interest to move the internet user base away from RSA keys towards El
>Gamal/DSS key pairs, so that they can remove RSA backwards
>compatibility from the commercial versions, if it comes to that.
>(Re. patent and licesning hassles from the litigious legal-beagles at
>RSA). Perhaps.
Getting out from under the patent restrictions is a big win,
purely aside from the details of any hassles with RSA Inc.
Also, because MD5 is looking shaky these days, they do need to
move people toward versions with SHA1 signatures.
Since the commercial versions do EG/DSS, and people will be
sending messages signed with DSS, and wanting to receive
mail encrypted with EG, it's worthwhile for them
to push people to migrate to the new formats;
the freeware version is an obvious lever, even though I'm sure
there will be fixes to add RSA key generation back in Real Soon.
(Also, you don't _need_ a fix - just keep the old PGP around,
and use it when you want to generate a key.)
# Thanks; Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
# (If this is a mailing list or news, please Cc: me on replies. Thanks.)