Tom, I hear that you are distributing a modified version of PGP that uses a different customized encryption algorithm of your own design. If you read the "Snake Oil" section of the PGP User's Guide, then you know how I feel about amateur cryptographer's encryption algorithms that have not been subjected to extensive peer review. PGP's reputation, and my repuitation (which is tied to PGP), depends of people trusting the quality of encryption algorithms and protocols that I have carefully selected for PGP, using all of my knowledge and experience. If someone were to put a new encryption algorithm into PGP without my permission, it could serve to tarnish the reputation that PGP has earned over the years. Accordingly, I do not approve of anyone modifying the cryptographic characteristics of PGP. PGP and Pretty Good Privacy are my trademarks, and their good name is trusted the world over because of the care that I have exercised in selecting its algorithms. If you'd like to write your own cryptographic utility, using your own algorithms and protocols, I have no problem with that. But I do not want my program, my documentation, my name, and my trademarks, to be used for products that may have flawed algorithms. I also have no problem with you modifying PGP for your own private use, if you like to experiment with new algorithms of your own design. But I do not want you to distribute such a program to others, if it uses my code, my manuals, my name, and my trademarks. It could hurt my reputation and PGP's reputation. If I am misinformed on this subject, please let me know and accept my apology for assuming too much. Otherwise, I'd like you to remedy the situation. Please let me know what has happened and what we can do about it. Sincerely, Philip Zimmermann prz@acm.org cc: Curtis Karnow Landels, Ripley, and Diamond