Personally, I happen to dislike the PGP 2.6 saga; I think it's effectively turning the wheel back viz. "US only software" as well as confusing the issue ("oh, which PGP do you have ?"). Some say that it's not a problem in the sense that PGP 2.3a will be upgraded to "support" PGP 2.6. Even this situation is clearly undesirable as PGP itself becomes a fragmented product -- esp. as I think "new users" will opt for PGP 2.6, and others will change too because of the purported "legitimacy". The result is that PGP 2.6 _will_ become heavily adopted in the US. This it not the point, however. As the RSA patent is expected to expire in the coming years, one would expect the liberation of PGP, at least in terms of the RSA algorithm (negating the export control issues). The sinister fact of PGP 2.6, and other derived RSAREF product is that even as the patent itself expires, RSADSI still exerts control over PGP by way of RSAREF. Being Australian, I've not read the RSAREF conditions, but there is at the point that commercial use will still not be possible (at it would be under non-RSAREF 2.3a) when the RSA patent expires. So quite possibly, PGP 2.6 is doing a great deal more longer term damage to the viablity of PGP than is immediately obvious. Is this a valid viewpoint ? Matthew. -- Matthew Gream Consent Technologies Sydney, (02) 821-2043 M.Gream@uts.edu.au