Cypherpunks change bytes!
-----BEGIN PGP SIGNED MESSAGE----- I ought to be studying, but goofing off is more fun. I generated a test key with the binary distribution of PGP 2.3a for DOS. I then changed the byte at offset 2F688 in PGP.EXE from 0x33 (ASCII "3") to 0x34 (ASCII "4"), and the byte at offset 2F689 from 0x61 (ASCII "a") to 0x00 (null). The patched PGP.EXE identifies itself as "Version 2.4" in ASCII armor blocks and otherwise; the key generated with the "2.3a" version extracts as a "2.4" key after the patch. ViaCrypt PGP 2.4 for DOS can successfully read files encrypted with the patched PGP.EXE, and add keys generated under "2.3a" but labelled as "2.4" keys. I haven't done a lot of testing, but spot checks make it look like everything's fine. I don't see the point in forcing everyone to patch their binaries or recompile from source - does anyone else? Bidzos & Co. are certainly smart enough to anticipate this step. What's the catch? -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLclzd33YhjZY3fMNAQGiDwP9HjSYfNfn4q/9L/BOqXluH06015x3YmDM gNPfg5T2lWcsYJyyx/tMnVWdtAnFENAFUB7zK5vNq+Y/tquKaE6kEuZeUzZz1o+k sOofUAR1Y+sUii4Fu8R2J7scNCDL2pjl/hIqAAfT0voHiexxOTR9uxCDeiWxz9w0 xpyuvJBLQq8= =G5Oq -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- From the keyboard of: greg@ideath.goldenbear.com (Greg Broiles)
I don't see the point in forcing everyone to patch their binaries or recompile from source - does anyone else? Bidzos & Co. are certainly smart enough to anticipate this step. What's the catch?
Maybe the only 'catch' is legal niceties. PKP/RSADSI considers non- RSAREF PGP to be infringing on their patent. If they allow such use to continue, without challenging it as they have been doing, it might cause problems for them in the future. Some judge might go along with a contention that PGP was implicitly licensed (but I'm not a lawyer, thank Grod). By requiring the keyserver to only support legitimately licensed versions of PGP, PKP/RSADSI are only doing what they've always done; enforcing their patent. Perhaps there doesn't have to be any difference in the format of keys (other than the version number) for the legal situation to become more calm. Richard -----BEGIN PGP SIGNATURE----- Version: 2.5 iQBVAgUBLcnFDMJksDcEdQkXAQEDIAIAj83tGXiGaCYQKWmFgOQD2ZPyJzyBS/MR ZD4hTNZg+cHY3o/SebnrwoiL1ndCEGaO21vEaY8ySnIX58AX86Tu+w== =Qo9c -----END PGP SIGNATURE----- PS - For the humor-impaired, no, I don't have MIT PGP version 2.5 yet.
From: greg@ideath.goldenbear.com (Greg Broiles) Date: Thu, 5 May 1994 15:30:24 -0700 (PDT) I don't see the point in forcing everyone to patch their binaries or recompile from source - does anyone else? Bidzos & Co. are certainly smart enough to anticipate this step. What's the catch? I'd guess that it was a face-saving negotiating point. RSA was screwed to the wall because MIT has fair use on the PKP patents since the invention was performed there. The restrictions on the fair use are so broad as to be meaningless. So they threw him a bone... -russ <nelson@crynwr.com> ftp.msen.com:pub/vendor/crynwr/crynwr.wav Crynwr Software | Crynwr Software sells packet driver support | ask4 PGP key 11 Grant St. | +1 315 268 1925 (9201 FAX) | Quakers do it in the light Potsdam, NY 13676 | LPF member - ask me about the harm software patents do.
participants (3)
-
greg@ideath.goldenbear.com -
nelson@crynwr.com -
Richard Johnson