[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: what can we do about PGP sell out and CMR?
Tim May <[email protected]> writes:
> Yes, the thrust of my comments was about OpenPGP.
>
> The OpenPGPers were fretting about how to incorporate GAK and CAK and GMR
> and CMR into their "open," and (presumably) international, standard, and I
> said: Keep it Simple, Stupid.
To be clear: my efforts in CDR (data recovery) design alternatives, and GAK
resistant design principles are not because care one way or the other about
CDR going into the OpenPGP standard at this point, they were soley to
persuade PGP Inc that there are more GAK resistant ways to achieve same
functionality, which then negates need for CMR extensions.
The CDR proposal is about data recovery which means that it could be
argued to be outside the scope of OpenPGP; it is about how to
implement recovery within mail archives in a MUA, such as pgp5.x mail
client.
Also re. subject line, I now think that it is not a sell out, just a
design mistake; they have good intentions, and have not sold those
out, but have failed to optimally transfer those intentions into the
protocol design.
Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`