At 5:03 am -0500 on 11/14/97, Anonymous wrote:
I was testing the procedure outlined in Epilogue 5 of InfoWar on a friend's machine and, sure enough, I got PGP 2.62 to spit out the private key he had created as Necessarily Knott, ME.
True confession time. Last March, when I was clearly still figuring PGP out, while experimenting with a nameless Mac PGP crypto package (hint, it wasn't built here on this side of the pond) based on 2.6.2, I accidentally exported my private key and sent it to someone famous so they could sign it. Fortunately, that person (hint, he knew PRZ, once, and got in trouble for it) physically showed up to visit me where I was working at the time, and stood over me while I genned up a new private key (I went to 2048 then) and revoked the old one, talking all the time about how many ways he could do a dictionary for the passphrase... I was feeling pretty stupid until he told me that PRZ did the same thing, back when they were playing with the original version of PGP. Actually, I still felt stupid after that. Believe it... or not. So, anyone want to bet that this key was done the same way? Except, how was Bill able to change the passphrase if he didn't know the old one? Curiouser and curiouser... Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/ Ask me about FC98 in Anguilla!: http://www.fc98.ai/