I appreciate the temperate responses to my knee-jerk diatribe against RSA's involvement in the golden key campaign. The key logo doesn't actually resemble RSA's very much, although the small versions do seem similar to the golden keys shown in Netscape's browser. So far as I know though Netscape hasn't threatened any lawsuits to make people take crypto off the net so I don't object to that... Now that the patent situation with regard to public key encryption has changed due to the RSA/Cylink split, it appears that the patent which claims to cover all PK encryption has been seriously weakened. There are other PK encryption systems than RSA which are just as good, such as El Gamal or Rabin encryption. Rabin encryption would have the advantage that it could be used with existing RSA keys as long as the modulus is a Blum modulus. PGP at least has always used Blum moduli, perhaps for this eventuality. So an alternative encryption program could use Rabin encryption and work with the existing infrastructure of PGP keys. It would not of course be compatible with PGP for encryption and decryption. This doesn't solve the signature problem; I'm not sure if there is a signature algorithm which could use RSA public keys but which is not covered by the RSA patent. In any case since PGP key certificates use RSA signatures it would not appear to be possible to validate key signatures without infringing on the RSA patents, so that cancels out a lot of the advantages of using existing PGP keys. Hal