[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP 2.5

David Sternlight, here are the answers to most of your questions.

>Just so I'm absolutely clear, since I want to use PGP but not to take any
>legal risks:
>1. Was the person in the administration who approved this empowered to act
>for the MIT Corporation?

Yes.  Jim Bruce, a vice president above Jeff Schiller approved it.  Another
high level official (another VP) also knew, and I'm under the impression 
that he was in favor of it, too.  The decision was a formal decision
by MIT The Institution.  Absolutely NOT a low-level person acting on his
own.  I hope I'm making this point clear enough.

>2. Did the MIT legal counsel act with full knowledge of the patent situation
>and MIT's relationship with PKP?

Of course.  With absolutely full knowledge.  And extensive review.
And careful analysis.  And with a formal written legal opinion to MIT.

>3. Were the counsel and administration people aware that 2.5 uses
>non-published calls to RSAREF?

Perhaps you have a different opinion of what "published" means.  It is
the opinion of MIT and their lawyers that the entry points that PGP
uses are published entry points.  They were not declared public in
previous versions of RSAREF, they were declared static.  But now they
are declared public in the new RSAREF, even to the point of being included
in a header file as public entry points.  MIT advised their lawyers
of the exact nature of this, and the MIT administration was fully informed,
and this issue was discussed to death amongst all responsible parties at
MIT before a formal decision was made.

>I'm eager to start using PGP2.5, and hope it all works out. I'm puzzled that
>Jim Bidzos hasn't acknowledged the non-infringing nature of PGP 2.5 if, in
>fact it doesn't infringe. I'm puzzled he hasn't supported 2.5 the way he has

Has Bidzos publicly asserted that PGP 2.5 is infringing?  If not, then
it would not be safe to assume that it is.  Silence can be interpreted in
a variety of ways.  Or not interpreted at all.

MIT carries a great deal of moral authority by officially releasing PGP 2.5.
I hope this will help defuse your efforts to stamp out PGP.

-Philip Zimmermann
 [email protected]