I dunno know. It comes down to which of the following slogans you believe. ECC: "Our algorithm is so good it has been licensed by the NSA". or RSA: "Our algorithm is so good that the NSA tried to prevent it's publication, had it classified as a munition and export controlled, tried to get the government to ban it in favor of a key escrow system, arrested and harassed a programmer for implementing an program using it, etc." Depending on the orientation of your tin foil hat, either one can mean the algorithm is good or has a backdoor. Oh, the fodder for conspiracy theorists. Other theories: It's always in NSA's interest to make sure that the current "in vogue" crypto system require licensing even if it is a commercial license. At least it limits it's use in Open Source and Free Software. Or they now have fast enough computers and fancy enough algorithms to factor most current sizes of RSA keys, and that in order to be secure that they have to start using such large RSA key sizes it's to inefficient to use in some systems anymore (micro transmitters for phone taps) or they figure someone will notice they are using 16K keys and wonder why. So they decide to switch to a more efficient (or just different) algorithm. -- Neil Johnson http://www.njohnsn.com PGP key available on request.