PGP gurus, I don't follow the ins and outs of PGP very closely, and I can't find anything on this directly in my archived articles. Someone has told me that pre-MIT versions of PGP may have compromised security because "the session key is hashed solely from the plaintext." Is this true? What's the significance? Is there any weakness? Thanks, --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."