"Robert A. Hayden" writes:
I'm willing to wager that this 2.6 and maybe 2.5 versions are hacked by the NSA to put in their spiffy key-escrowed backdoor.
Anyone think 2.6 *doesn't* have a backdoor added?
Yup. In order for ANYONE with sense to trust this release, they're going to have to release the source like they have in previous versions. If there is a backdoor in the code, it will undoubtedly be spotted rather quickly, as there will be hundreds, if not thousands of people going over the code... And if there is a backdoor, it will be quickly eliminated via a patch file. Personally, I'm going to compile the code myself, just to make sure they haven't tried to sneak a backdoor into the binary and not the source... As for patching PGP 2.6 to read previous messages: since RSAREF is going to be changing, I don't know how likely this is. Our best bet would be to include RSAREF 2.0, which I believe can still decode earlier messages, as well as the new RSAREF, and put in code to recognize which version of PGP the message was created with and use the "apppropriate" version of RSAREF. Anyway, this should be a moot point after about two weeks or so, as PGP v2.6 will undoubtedly appear in the rest of the world.. -- ========================================================================== | Michael Brandt Handler | Philadelphia, PA | <grendel@netaxs.com> | | PGP 2.3a public key available via server / mail / finger | ==========================================================================