[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: PGP Employee on MKR

To: "'cypherpunks'" <[email protected]>
Subject: RE: PGP Employee on MKR
From: Fisher Mark <[email protected]>
Date: Fri, 24 Oct 1997 12:30:09 -0500
Sender: [email protected]


>> Not to mention that *ANY* crypto system can be turned into GAK if
>> the FBI & NSA get congress to pass the laws that they want.
>
>Yes, but PGP WANT TO BUILD THIS INTO EVERY SYSTEM THEY SELL!!!!! I
don't
>care that any Perl hacker can write a script which builds CMR into PGP
>2.6.2, because those scripts are restricted to those who wish to use
>them. PGP ARE BUILDING THE FUNCTIONALITY INTO EVERY PRODUCT THEY
SELL!!!!

But the changes to add GAK/GMR/CMR to PGP (or any other crypto product
that permits multiple recipients) are close to trivial.  Don't be fooled
into thinking that if PGP takes this "feature" out (can't be a bug --
it's documented :) that that will make it a lot harder to add that
feature back in once the appropriate laws are passed.

Still, in retrospect, PGP's engineers and scientists should have thought
about all the security implications of CMR -- they might have
implemented CDR to begin with.
==========================================================
Mark Leighton Fisher          Thomson Consumer Electronics
[email protected]          Indianapolis, IN
"Their walls are built of cannon balls, their motto is
'Don't Tread on Me'"

Follow-Ups:
- Re: PGP Employee on MKR
  - From: Adam Back <[email protected]>

Prev by Date: GMR in the talked-about form here would be unconstitutional
Next by Date: a day in the life of a pgp5.5 user (Re: PGP Employee on MKR)
Prev by thread: Re: PGP Employee on MKR
Next by thread: Re: PGP Employee on MKR
Index(es):
- Date
- Thread