I wonder about the sudden lull in the pgp5.5 CMR argument: have PGP Inc enforced a blanket ban on participation in list discussion of the topic by their employees? Even our anonymous PGP employees posting via remailers on cypherpunks seem to have stopped. PGP Inc seemed to me to be heavily losing the argument where ever employees have spoken on the topic. Unfortunately this doesn't seem to be translating into rejection of the CMR feature, nor of adoption of less dangerous alternatives such as forward secret transport level security, shorter lived encryption keys, and separate storage keys. Perhaps it will take an official government snoop endorsement of pgp5.5 before the danger is acknowledged; by then the damage will have been done. Meanwhile over on ietf-open-pgp: The ietf-open-pgp forum for discussion of development of the now IETF controlled OpenPGP standard seems to have undergone a coo. Cypherpunk Lutz Donnerhacke had pre-empted Rodney Thayer and PGP's Jon Callas draft which had been slow coming by producing a competing draft before them. Lutz's draft was not sympathetic with PGP Inc's CMR, and even included SHOULD features encouraging separate storage keys. John Noerenberg (appointed IETF chair) over-ruled Lutz, and wrested editing of the draft from him, and demonstrated some petty power wielding in over ruling a vote on terminology Lutz had set up -- Lutz had already said he didn't care about the outcome, and just called the vote as a quick way to resolve argument. Now we are waiting for Jon Callas to release the new draft. Wonder whether it will include CMR or not :-) Join in the battle: subscribe by sending email with body "subscribe ietf-open-pgp" to <majordomo@imc.org>. The list address for posting articles is <ietf-open-pgp@imc.org> Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`