During the coming week, the Massachusetts Institute of Technology will begin formally distributing PGP 2.5, a new version of PGP that is based on the RSAREF 2.0 cryptographic toolkit, under license from RSA Data Security, Inc., dated March 16, 1994. When that distribution becomes available, the keyserver will return running PGP 2.5. At that time, the keyserver will no longer accept keys that are identified as having been created by versions of PGP lower than 2.4. (PGP 2.4 is Viacrypt PGP.)

Questions: 1) What involvement, if any, does Phil Zimmermann have in the creation of this "new version of PGP"? 2) Will "PGP 2.5" continue to be freeware; i.e., has RSA changed its stance on licensing? 3) If the answer to 2 is "yes", has the strength of the encryption been compromised in any fashion? 4) Isn't this some sort of transparent "back door" grab by some unknown person(s) as a method of encouraging people to switch by fostering the belief that versions of PGP lower than 2.4 are somehow illegal or otherwise illegitimate? (The last is only semi-sarcastic.) Basically, I think I speak for a hefty chunk of list subscribers when I say: I want to know who's behind this.