[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: compatibility with future PGP



Perry:

| > I agree that this legal silliness is unfortunate, but I don't think
| > that it's especially terrible that Adam would like to be able to
| > advocate PGP use at work without putting himself at risk.
| 
| You've misunderstood. The point is only that overseas users,
| technically speaking, do not have access to 2.[56], and might want
| patches. I didn't say anything about whether Adam should be running
| 2.[56] on his machine.

	Technically, they never had access to v1, either.  As I said
in my first message, I've heard 2.5 has already found its way out of
the US.  If that is the case, then the non-US users have access to
2.5.  If they do have access to 2.5, then could we discuss the
technical merits of patching 2.5 v. patching 2.3?

	Benefits of starting with 2.3:

	* widespread use
	* no RSA code
	* faster?


	2.5:
	
	* clearly legal in the USA
	* single code base for future modifications

	Its my opinion that the single code base, developed outside of
the US, based on 2.5, is the way to go.  Patching 2.3 is worthwhile,
but does not address all (potential) users of PGP.  Patching 2.5 does
(again, assuming that its been exported), and as such, I feel it is
a better way to go.

Adam
	

-- 
Adam Shostack 				       [email protected]

Politics.  From the greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.