After seeing the intents of PGP Inc. with the release of their new PGP that breaks the old free versions, I have all but written them off as anything but the Enemy, and am waiting for a public reply on the list by Tim May to make it official. But now what? Please someone answer my questions about PGP - it appears that the 5.x versions are not compatible with the 2.x versions which came previous. Is this so? Also, the direction they seem to be heading is in providing more and more non-free GAKked product. But aren't the 2.x and 5.x versions freeware? If so, can't others - a group of individuals - take that source code and build off of that? Piss on these assholes and their licensing fees. It was inevitable, anyway. They are a corporation after all, and the corporations are not on "our" sides. I can see a scenario where government is impotent and destroyed within 10 years. What will remain and will be harder to eradicate are the corporations. I don't think we should rely on corporate software whenever possible, because it always comes with an ulterior motive. Is there an effort to maintain a version of PGP based on the free 2.x sources that is not affiliateed with the fuckwads at PGP Inc.? If not, is it high time some of us began such an effort?
At 04:24 AM 11/2/97 +0100, Anonymous wrote:
But now what? Please someone answer my questions about PGP - it appears that the 5.x versions are not compatible with the 2.x versions which came previous. Is this so? Also, the direction they seem to be heading is in providing more and more non-free GAKked product. But aren't the 2.x and 5.x versions freeware? If so, can't others - a group of individuals - take that source code and build off of that? Piss on these assholes and their licensing fees. It was inevitable, anyway. They are a corporation after all, and the corporations are not on "our" sides.
PGP 5.x is interoperable with PGP 2.6.x as long as you confine yourself to using PGP 2.6.x RSA keys. When you encrypt a message to a mix of RSA (2.6.x) and ElGamal (5.x) keys, you will get a message stating that if you insist on encrypting to the ElGamal keys, then 2.6.x users will not be able to read the message. I agree that the licensing fees posted are outrageous, but at least PGP Inc. did release the source code so you CAN live without their SDK if you are willing to analyze it. How many other companies release source code? How many other companies release freeware products like PGP 5.0? They have to make a few bucks here and there to stay in business, although I think they are pricing themselves out of the market with their SDK fees. PGP Inc. is not the enemy, although maybe some of the folks there ought to have their heads examined. When they implement mandatory CMR/GMR/GAK and stop releasing source code, then I will throw rocks, too. Until then, I will continue to use their products, and sit on my high horse and laugh at their marketing folks... Jonathan Wienke PGP Key Fingerprints: 7484 2FB7 7588 ACD1 3A8F 778A 7407 2928 3312 6597 8258 9A9E D9FA 4878 C245 D245 EAA7 0DCC "If ye love wealth greater than liberty, the tranquility of servitude greater than the animating contest for freedom, go home from us in peace. We seek not your counsel, nor your arms. Crouch down and lick the hand that feeds you. May your chains set lightly upon you; and may posterity forget that ye were our countrymen." -- Samuel Adams "Stupidity is the one arena of of human achievement where most people fulfill their potential." -- Jonathan Wienke RSA export-o-matic: print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
-----BEGIN PGP SIGNED MESSAGE----- At 04:24 AM 11/2/97 +0100, Anonymous wrote:
But now what? Please someone answer my questions about PGP - it appears that the 5.x versions are not compatible with the 2.x versions which came previous. Is this so?
My copy of PGP 5.0 seems to be completely compatible with 2.6 versions. This message is signed, and my key is included within the message for those of you who have software that discards the non signed portion. (If you don't know how to extract my key, copy it and fix the broken dashed line, or use a keyserver) This is a store bought copy of Eudora 3.0.1 upgraded to 3.0.3 with PGP 5.0, and the $5 RSA add in from PGP. If anyone who knows how to properly use PGP has a problem reading my signature, or my key, please let me know. -- Robert - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP for Personal Privacy 5.0 mQBNAzIcsQUAAAECAOjT/WYy6iCh07ZEaohBwGOjWJc0RKarTJ1ZfKK3feoWW7QK Wb13gBvgnMQeEo92OsW3nxwV20NGQakaFFeDk1kABRG0FFBvb2ggPHBvb2hAZWZn YS5vcmc+tCpSb2JlcnQgQS4gQ29zdG5lciA8cmNvc3RuZXJAaW50ZXJnYXRlLm5l dD4= =kINy - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQBVAwUBNFwVZUGpGhRXg5NZAQFIngH+K1v8JQD8g03mCtHb6ER3qHUvzwHLCOh2 npZUxxK0VFu23hpmc1wUCCZzEGTGYaoy2sxWYQy90eJJvnUU82/EeQ== =czqz -----END PGP SIGNATURE----- -- Robert Costner Phone: (770) 512-8746 Electronic Frontiers Georgia mailto:pooh@efga.org http://www.efga.org/ run PGP 5.0 for my public key
On Sun, 2 Nov 1997, Robert A. Costner wrote:
My copy of PGP 5.0 seems to be completely compatible with 2.6 versions. This message is signed, and my key is included within the message for those of you who have software that discards the non signed portion. (If you don't know how to extract my key, copy it and fix the broken dashed line, or use a keyserver)
Of course your copy of PGP 5.0 is compatible with prior versions. I know this, you know this, and the anonymous author claiming otherwise knows this. He simply hopes that there are some people that don't know this. The idea behind the original post and others like it over the last few days is to spread FUD about PGP 5.0 after other attacks failed for lack of merrit. If you repeat a lie often enough, eventually some people will believe you. PSYOPS 101. Let's not fall for it. [Yes, I know that DSA keys can not be read by PGP 2.6. Neither will Word 1.0 read Word 7.0 files. So what?] -- Lucky Green <shamrock@cypherpunks.to> PGP encrypted email preferred. "Tonga? Where the hell is Tonga? They have Cypherpunks there?"
My copy of PGP 5.0 seems to be completely compatible with 2.6 versions. This ... Of course your copy of PGP 5.0 is compatible with prior versions. I know this, you know this, and the anonymous author claiming otherwise knows
Some of the free 5.0 versions can use RSA keys, and some can't. Robert has the $5 RSA plugin, so his can. The Eudora version can't, and I think the MIT version can, or maybe it was the one on www.pgp.com. By "can't", I mean that it not only won't let you generate RSA keys, it also won't use existing RSA private keys from your old secring.pgp file; I don't know if it can encrypt to other people's RSA public keys or not. I found this very annoying a couple months ago when I was rebuilding my PGP from backups after a disk crash :-) The 5.0 version I'd been using before the crash was happily using my RSA keys, and the brand new Eudora version I used after the crash wouldn't take them, and wasn't very clear about why. One of the local PGP folks told me there was a difference, and loading the right version took care of the problem, and I don't remember encrypting to or validating from any RSA keys in between. Thanks! Bill Bill Stewart, stewarts@ix.netcom.com Regular Key PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
-----BEGIN PGP SIGNED MESSAGE----- In <199711020324.EAA29916@basement.replay.com>, on 11/02/97 at 04:24 AM, nobody@REPLAY.COM (Anonymous) said:
After seeing the intents of PGP Inc. with the release of their new PGP that breaks the old free versions, I have all but written them off as anything but the Enemy, and am waiting for a public reply on the list by Tim May to make it official.
But now what? Please someone answer my questions about PGP - it appears that the 5.x versions are not compatible with the 2.x versions which came previous. Is this so? Also, the direction they seem to be heading is in providing more and more non-free GAKked product. But aren't the 2.x and 5.x versions freeware? If so, can't others - a group of individuals - take that source code and build off of that? Piss on these assholes and their licensing fees. It was inevitable, anyway. They are a corporation after all, and the corporations are not on "our" sides.
I can see a scenario where government is impotent and destroyed within 10 years. What will remain and will be harder to eradicate are the corporations. I don't think we should rely on corporate software whenever possible, because it always comes with an ulterior motive. Is there an effort to maintain a version of PGP based on the free 2.x sources that is not affiliateed with the fuckwads at PGP Inc.? If not, is it high time some of us began such an effort?
<sigh> What a bunch of drivel. I give this post an 8th Grade rating.
Date: Sun, 02 Nov 97 03:22:14 -0600
Does your mommy know you are up this late?? - -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBNFxHF49Co1n+aLhhAQH9OAQAm9cBS0d5EQSpL2sdtpVOMXpooeqr38iT Rk2kbJ1uOr/W8ls0LgCqH11oW+Le2hOTDE9BkyMG7NqiJ11eH6ibLz4YU44qhaqm o4nurUXNS+LdH95eoD/CHqGM1s2KezJ11ZB2rWoLNdOYbXFsOlU4Y2BOyTbd9O1E 3yd0PL5iTR8= =s5xt -----END PGP SIGNATURE-----
participants (6)
-
Jonathan Wienke
-
Lucky Green
-
nobody@REPLAY.COM
-
Robert A. Costner
-
stewarts@ix.netcom.com
-
William H. Geiger III