
So...
Is MD5 essentially history?
Aside from MacPGP 2.6.3, is there a pgp version which will support anything else?
--
Forward complaints to : European Association of Envelope Manufactures
Finger for Public Key   Gutenbergstrasse 21;Postfach;CH-3001;Bern
Vote Monarchist         Switzerland

On Wed, 23 Oct 1996, Derek Atkins wrote:
Black Unicorn wrote:
Is MD5 essentially history?
Aside from MacPGP 2.6.3, is there a pgp version which will support anything else?
Since you asked this in the future tense, PGP 3.0 will support SHA.1
-derek
well, that is alright, &c. BUT WHEN WILL 3.0 RELEASE? it has been imminent for at least 2 years.

well, that is alright, &c. BUT WHEN WILL 3.0 RELEASE? it has been imminent for at least 2 years.
It'll be released when it's done, dammit! And it's almost done! Currently, I'm tracking down a few bugs, and a few details need to get solidified, but other than that I have it working on my desktop and I use it almost every day.
It's still got some testing to do, and it needs to get packaged up. And it still needs to get cleaned up a lot (the UI ain't pretty -- even compared to 2.6.2!) This is what is taking so long.
Come on, EVERY SINGLE LINE OF CODE WAS RE-WRITTEN! And there are about 60000 lines in PGP3! That's a lot of work, and the 70-30/80-20/90-10 rule is hitting hard.
It's coming. We're trying to get it out as fast as we can. But we're not going to sacrifice quality for a little bit of time.
-derek

On Wed, 23 Oct 1996, Derek Atkins wrote:
well, that is alright, &c. BUT WHEN WILL 3.0 RELEASE? it has been imminent for at least 2 years.
It'll be released when it's done, dammit! And it's almost done! Currently, I'm tracking down a few bugs, and a few details need to get solidified, but other than that I have it working on my desktop and I use it almost every day.
It's still got some testing to do, and it needs to get packaged up. And it still needs to get cleaned up a lot (the UI ain't pretty -- even compared to 2.6.2!) This is what is taking so long.
Come on, EVERY SINGLE LINE OF CODE WAS RE-WRITTEN! And there are about 60000 lines in PGP3! That's a lot of work, and the 70-30/80-20/90-10 rule is hitting hard.
It's coming. We're trying to get it out as fast as we can. But we're not going to sacrifice quality for a little bit of time.
-derek
Relax Derek, Attila hasn't been biting you in public over this. Patience is not one of his virtues sometimes, but I have never known him to be purposefully rude and pushy, unless invited.
I can understand that a 60K line project from the ground up can be a most tedious exercise; sometimes a real mountain to climb. I've done this dance for 17+ years in many venues.
However, in terms of volume, you are complaining at someone whose last project was 1 million+ lines of code; most of which he wrote himself. Volume and 90/10 doesn't impress Attila.
Instead of carping at him out of frustration; why not ask him for some help?
...Paul

Derek Atkins <warlord@ATHENA.MIT.EDU> writes:
well, that is alright, &c. BUT WHEN WILL 3.0 RELEASE? it has been imminent for at least 2 years.
It'll be released when it's done, dammit! And it's almost done! Currently, I'm tracking down a few bugs, and a few details need to get solidified, but other than that I have it working on my desktop and I use it almost every day.
It's still got some testing to do, and it needs to get packaged up. And it still needs to get cleaned up a lot (the UI ain't pretty -- even compared to 2.6.2!) This is what is taking so long.
Come on, EVERY SINGLE LINE OF CODE WAS RE-WRITTEN! And there are about 60000 lines in PGP3! That's a lot of work, and the 70-30/80-20/90-10 rule is hitting hard.
It's coming. We're trying to get it out as fast as we can. But we're not going to sacrifice quality for a little bit of time.
Is there any way I could possibly get a snapshot of the source code if I agree not to bug you about it? I have some servers that use PGP pretty heavily, and will come under immediate pressure to upgrade to 3.0 as soon as it is released. Any head start I can get would be really really helpful.
While you may be offering a similar command line interface, I have been forced to make heavy-duty use of what might turn out to be just quirks in the 2.6.2 implementation. For example, to encrypt with the first key on a keyring, when I don't know the ID of that key, I use the ID "0x" which just happens to work in 2.6.2 but has no reason to work in 3.0. In many places I also just rely on text processing the standard output and error of PGP to look for particular strings. Clearly this kind of thing is not going to be robust against a complete rewrite of the source code.
I understand that at this point the last thing you want is a whole bunch of questions from beta testers to slow you down. However, for some people a look at the source code would be incredibly useful, even if they can't ask you for any help with it. Is there any way to work something like this out?
Thanks.

lcs Remailer Administrator wrote:
Derek Atkins <warlord@ATHENA.MIT.EDU> writes:
It'll be released when it's done, dammit! And it's almost done! Currently, I'm tracking down a few bugs, and a few details need to get solidified, but other than that I have it working on my desktop and I use it almost every day.
Is there any way I could possibly get a snapshot of the source code if I agree not to bug you about it? I have some servers that use PGP pretty heavily, and will come under immediate pressure to upgrade to 3.0 as soon as it is released. Any head start I can get would be really really helpful.
I would sooner see the specs released - I for one would really like to know the new key ring formats, packet formats etc.
Gary
--
"Of course the US Constitution isn't perfect; but it's a lot better than what we have now." -- Unknown.
pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com>
Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06

Black Unicorn <unicorn@schloss.li> writes:
So...
Is MD5 essentially history?
Unclear. The collision Dobertin demonstrated does not provide a practical attack on PGP signatures. However, people worry that Dobertin or others will be able to generalise the attack, so caution, and moving away from MD5 is probably a good idea.
Aside from MacPGP 2.6.3, is there a pgp version which will support anything else?
Zbig (MacPGP author for those who haven't looked at the fatmac pgp docs - http://128.146.111.31/~fiedorow/PGP/) also distributes an unofficial SHA1 patch for PGP, which he says has been tested on various architectures. (This is a patch to MIT pgp262 or MIT pgp263). However AFAIK fatmac is the only distributed version with SHA1 sig capability included.
Ordinarily you'd think that there would be a rush to put out a new version of PGP (Say PGP versions 2.6.4 and 2.6.4i respectively for MIT and Stale Schumacher's international version). However, I'm not sure of the status of further pgp2.6.x versions. PGPlib (aka pgp3) is supposed to be being released RSN.
PGP Inc was formed earlier this year. Initially PGP Inc made noises about litigation over ViaCrypt's incorporation of commercial key escrow in some viacrypt versions. Then PGP Inc bought ViaCrypt and its parent company, to regain the distribution rights sold to ViaCrypt.
The people working on pgp3 are doing so as employees of companies, I'm not sure at what point development switched from freeware to commercial, but at this point my understanding is that Derek Atkins is employed by SGI, and Colin Plumb by PGP Inc. Some time ago when there was a question about which companies were crypto friendly on the list, SGI was listed because they were paying Derek to work on pgp3. One presumes this arrangement started before PGP Inc incorporated. Other people at PGP are also working on pgp3 (Hal Finney, who recently started work at PGP Inc, said that he was in a recent list post).
I believe Phil Zimmermann made an announcement earlier this year (probably on this list, but perhaps in a USENET group, I forget), that his lawyers were advising him to discourage other people from using the `PGP' name. MIT is distributing pgp2.6.2, and PGPfone also. MIT seems to be involved as a distribution site at least.
Also I understand, though there appears to be no available documentation saying as much, that pgp3.0 will not use RSA, nor IDEA, nor MD5, using instead El Gamal for public key encryption and signatures, 3DES (unsure?), and SHA1.
Several people have made pointed comments about the delivery time of pgp3, about the danger of S/MIME getting ahead before pgp3 is released. Several people have opined that there would surely be many people willing to help. I suspect however that the offers of help may be complicated by the commercial nature of pgp3.
Also in conversation I hear rumors that there are companies at the moment who have access to beta versions of pgp3. Is this so? And if so, might cypherpunks also be considered?
As I understand it pgp3 will be available in source form, and will be available without charge for academic and personal use. People who pay for PGP will get shrink wrap, manuals and use of PGP's tech support lines.
However, I am not sure what pgp3 includes... Derek's most recent post to the list indicated that it had a command line UI, similar to pgp2.6.x?
Now I agree code takes time to write, specs take time to tidy up, etc. But we like to know what's going on... approximately. What will be in pgp3? What's it use for encryption El Gamal, SHA1, what about symmetric cipher, is it 3DES? Even mentioning that pgp3 will include source code, and be freely available is something that is not being advertised? No mention of pgp3 on www.pgp.com, mit; a web search reveals nothing. Cypherpunks crave information about pgp3, any information...
Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`

I just wrote:
commercial, but at this point my understanding is that Derek Atkins is employed by SGI, and Colin Plumb by PGP Inc.
As someone just pointed out, Derek works at Sun. (I thought I heard SGI chipped in too).
No mention of pgp3 on www.pgp.com, mit; a web search reveals nothing.
An altavista search found an Internet Draft entitled `PGP Message Exchange Formats', however this appears to be a re-write of pgformat.txt which is distributed with PGP, with some comments explaining expansion directions. eg
: The public-key-encryption algorithm is specified by the public-key
: cryptosystem (PKC) number of field (f). The following PKC numbers are
: currently defined:
:
:     1 - RSA
:   255 - experimental
:
: More PKC numbers may be defined in the future. An implementation
: need not support every PKC number. The implementor must document the
: PKC numbers understood by an implementation.
The only explicit mention of pgp 3.0 I saw in this document was this somewhat out of date comment:
: A new release of PGP, known as PGP 3.0, is anticipated in 1995. To
: the maximum extent possible, this version will be upwardly compatible
: with version 2.x. At a minimum, PGP 3.0 will be able to read messages
: and signatures produced by version 2.x.
Someone suggested to me that Derek posted a draft spec for PGP 3.0. Anyone know of the whereabouts of this document? WWW searches aren't turning anything up for me, other than this:
: To: cypherpunks@toad.com
: From: frantz@netcom.com (Bill Frantz)
: Date: Fri, 26 Jul 1996 15:55:38 -0700
: Subject: Usenet Conference on Security
:
: Just a few of the highlights:
:
: (1) Ron Rivest speaking on SDSI
: [...]
: (7) Derek Atkins' description of the PGP Library API.
Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`

Adam Back (aba@dcs.ex.ac.uk):
An altavista search found an Internet Draft entitled `PGP Message Exchange Formats', however this appears to be a re-write of pgformat.txt which is distributed with PGP, with some comments explaining expansion directions [...]
Someone suggested to me that Derek posted a draft spec for PGP 3.0. Anyone know of the whereabouts of this document.
Yes. That document has evolved to RFC 1991:
1991 I D. Atkins, W. Stallings, P. Zimmermann, "PGP Message Exchange Formats", 08/16/1996. (Pages=21) (Format=.txt)
< Network Working Group                                        D. Atkins
< Request for Comments: 1991                                         MIT
< Category: Informational                                   W. Stallings
<                                                   Comp-Comm Consulting
<                                                          P. Zimmermann
<                                           Boulder Software Engineering
<                                                            August 1996
<
<
<                      PGP Message Exchange Formats
[...]
Participants (8): Adam Back, attila, Black Unicorn, Bodo Moeller, Derek Atkins, furballs, Gary Howland, lcs Remailer Administrator