At 02:26 PM 8/15/95 GMT0BST, Kev wrote:

...

I've heard this criticism of PGP before, but I don't quite understand it. PGP is free. Why not just upgrade to version 2.6?

Easy to say not so easy to do if your outside the USA/Canada.

However my point may be underlined by a little example :- [Example deleted.] Also, the code has been set up so that new versions can read files written by old versions, and can write files in

Quite easily done. ftp.ox.ac.uk has a good collection of PGP versions. (Oh, no! Somehow these crafty foreigners managed to smuggle munitions out of the country right under the nose of our intelligence services! :-) PGP 2.6.i was written to be a 2.6-compatible version for non-US use, or you can use the 2.6.2 source code with RSAEuro instead of RSAREF and not violate your government's copyright rules. The reason PGP 2.6 is incompatible with 2.4 and earlier versions is that it let MIT make PKP happier about letting them use RSAREF, which gave them patent-legitimacy in the US. (Incompatibilities between earlier versions could be blamed on gratuituous attempts at standards-compatibility...) old-format when needed; I assume the developers will continue this approach any time they make incompatible changes. But the big differences in 3.0 will be libraryizing the code - one effect is that people will be able to build their own PGP-based tools more easily than before, but aren't forced to include the whole package, so people may end up building incompatible parts using the libraries. Some of this is unavoidable - e.g. an encrypted telnet won't talk to a batch file encryptor, but they should still be using the same signature code for session-keys (or DH-halfkeys). #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- Storyteller makes no choice - soon you will not hear his voice. His job was to shed light, and not to master. RIP, Jerry