Re: d-day

[Dave K-P <dkp@iname.com>]

Neva Remailer wrote:

> What do you think about celebrating the expiration of the Diffie-Hellman
> patent by getting all the PGP users in the world to switch to DSS/DH keys
> all at once?

	From www.rsa.com on DSS ...

DSA has been criticized by the computer industry since its announcement.
Criticism has focused on a few main issues: it lacks key exchange
capability; the underlying cryptosystem is too recent and has been
subject
to too little scrutiny for users to be confident of its strength;
verification of signatures with DSA is too slow; the existence of a
second authentication standard will cause hardship to computer hardware
and
software vendors, who have already standardized on RSA; and the process
by
which NIST chose DSA was too secretive and arbitrary, with too much
influence wielded by NSA.

	And from www.rsa.com on the ElGamal variation of Diffie-Hellman...

The main disadvantage of ElGamal is the need for randomness, and its
slower speed (especially for signing). Another potential disadvantage of
the ElGamal system is that message expansion by a factor of two takes
place during encryption. However, such message expansion is negligible
if
the cryptosystem is used only for exchange of secret keys. 

	So, before you run off to play with your new toys, read the
warranty first.  Also there are platforms that PGP 5.0 doesn't cover yet
that PGP 2.6.3i already does, such as: MS-DOS, OS/2, Amiga, Atari,
Macintosh, BeOS and Linux.  Until such a time, a world-wide conversion
seems unlikely.