A number of posts have proposed that perhaps some of the more astute members of this list should be allowed by ViaCryp to examine the source of the commercial PGP. The idea is that if some of the people we are likely to trust give their O.K. to the code then we can all go out and buy the program without fear of hidden back doors. Unfortunately this proposal has the same fundamental flaws that the recent review of the Clipper chip by Denning et al had. A group of even the most competent reviewers can overlook some problems in the code. It may take a long time before a flaw is discovered. The stamp of approval by some members of this list to a commercial PGP with a secret source code would therefore be little more than a marketing scheme. It would be no different from the expert review marketing scheme used to sell us Clipper, as --I think it was John Gillmore-- has recently explained. ---Marc