[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PRZ/PGP loses it
This article has lost a few very critical lines,
making it look far worse than it really is.
Network Associates was _not_ formerly known as the
Key Recovery Alliance. They were formerly known as
McAfee Associates. McAfee had been a member of the
KRA, but has since withdrawn. Go see PGP's home page.
And Phil's comments about user consent don't mean that
users _should_ be forced to consent -- viewed in context,
they mean that users shouldn't have their keys or
messages escrowed without their consent,
and the escrow features should require consent.
Furthermore, peer-reviewed encryption isn't dead -
the OpenPGP encryption standard is being developed,
bringing PGP to an open standards process.
At 08:25 PM 12/07/1997 -0800, Vladimir Z. Nuri wrote:
>
>------- Forwarded Message
>
>Date: Thu, 4 Dec 1997 15:02:44 -0500
>From: [email protected] (Barry Skaggs-D26)
>To: [email protected], [email protected]
>Subject: IP: (OT) Cloud Over Future of PGP
>
>Seems like the days of peer-reviewed encryption
>software may be numbered. Just trust Us.
>
>Regards,
>
>Barry Skaggs
>
>
>
>Cloud Over Future of Pretty Good Privacy
> The Price of Key Recovery
>
>Following Monday's US$35 million cash
>acquisition of PGP by Network Associates,
>the man who once testified before the
>Senate that key recovery could "strengthen
>the hand of a police state" now works for a
>company that actively promotes it.
>
>Reaction from e-privacy activists was swift
>and harsh.
>"The users of PGP can no longer rely on the
>credibility of Phil Zimmermann to ensure that
>the product is everything that they've been
>promised it's been previously," said Dave
>Banisar, attorney for the Electronic Privacy
>Information Center and co-author of The
>Electronic Privacy Papers
>
>Network Associates, formerly known as
>the Key Recovery Alliance, an organization
>that lobbies Congress for key recovery that
>would grant law enforcement agencies
>back-door access to private encrypted
>communications.
>
>Network Associates and other companies
>support key recovery because it would allow
>them to export strong crypto software
>without bothering to make a separate
>nonrecoverable version for the domestic
>market. The Commerce Department forbids
>export of the strongest available encryption
>without elaborate promises from
>manufacturers to develop key recovery
>features. Thus many companies are forced
>to develop both export and domestic
>versions of their software, each with
>differing crypto strengths.
>
>But Zimmermann, a pioneer of strong
>encryption, has spent years crusading
>against key recovery, calling it an invasion
>of privacy. And the most recent release of
>PGP's encryption software allows users to
>disable key recovery.
>
>"People should give their consent to use
>[recovery]," Zimmermann said. When asked
>whether future versions of the package will
>retain that option, Zimmermann replied,
>"Certainly, as long as I have anything to say
>about it."
>
>Zimmermann's new title at Network
>Associates is "fellow," but he declined to
>comment on exactly what authority and
>responsibility that confers. Meanwhile, Phil
>Dunkelberger, PGP's former president and
>CEO, was named general manager of
>Network Associates' Total Network
>Security Division.
>
>"It's going to take some time to figure things
>out," said Zimmermann.
>
>EPIC's Banisar was less diplomatic and
>postulated that Zimmermann's new title
>reflected a clash of values between him and
>Network Associates on key recovery.
>
>"We have a number of fellows here, and
>they are usually unpaid volunteers," Banisar
>said.
>
>"It will require a fundamental examination by
>human rights groups and others about
>whether any newer versions of PGP are
>truly trustworthy," said Banisar.
>
>Network Associates could not be reached
>for comment.
>
>Wired, Dec. 3, 1997
>
>
>**********************************************
>To subscribe or unsubscribe, email:
> [email protected]
>with the message:
> subscribe ignition-point email@address
>or
> unsubscribe ignition-point email@address
>**********************************************
>http://www.telepath.com/believer
>**********************************************
>
>------- End of Forwarded Message
>
>
>
Thanks!
Bill
Bill Stewart, [email protected]
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639