RIPEM is Mark Riordan's public-key program. It is similar to PEM, but does not use the PEM certificates and therefore does not require people to have their keys signed by an agency. It is not really PEM compatible. It does use the RSAREF public-domain encryption package, so it is legal for non- commercial use in the U.S. and Canada.
What I suggested was the use of RIPEM since it is available now, is legal, and is free.
Note, though, that whether RIPEM or PGP is used, they are only for non- commercial use. A remailer that wanted to charge, such as the ones that Eric Messick is discussing, would probably have to license the technology from PKP directly to be legal. (I'm not sure whether PEM also is limited to non-commercial use.)
Hal Finney 74076.1041@compuserve.com
Since the only reason we are talking about RIPEM is because of legality concerns about PGP, I thought I'd mention that it is (at least theoretically) illegal to export RIPEM from the US, annd therefore could not be legally used to correspond with persons overseas. I don't know if there is a legal way to do public key cryptography between persons inside the US and persons outside the US. ----- Brian McBee ----- (503)378-4276 ----- brian@opac.osl.or.gov ----- ----- Oregon State Library, State Library Building, Salem, OR 97310 ----- Plan globally, attack locally