Source Code NOT available for ViaCrypt PGP
I talked once again with Dave Barnheart at ViaCrypt, and he told me: A) No source code will be available, due to the nature of the agreement between PKP and ViaCrypt. B) He is under 'a lot' of pressure to have a product 'on the shelves in under two months', and therefore the first release will be a MS-DOS version, then Macintosh, SVR4, SUN OS, and all of those unix versions, and that they will eventualy put out a windows product and start makeing improvements to the actual product. So in answer to (Paul Goggin's?) questions about verification of changes, "We'll Just Have To Trust Them(tm)" <g> But look on the bright side... This will blow David Sternlight out of the water! Happy Hunting, -Simon Trask <cdodhner@indirect.com> PGP public key available upon request.
I talked once again with Dave Barnheart at ViaCrypt, and he told me: A) No source code will be available, due to the nature of the agreement between PKP and ViaCrypt.
But look on the bright side...
This will blow David Sternlight out of the water!
will it? the NSA seems to be pretty happy with the way PKP handles things. PKP has an arangement with viacrypt not to release source. It might be safe, but I wouldnt trust it given the way that the NSA pushes commerce to install backdoors in strong encryption.
Happy Hunting, -Simon Trask <cdodhner@indirect.com> PGP public key available upon request.
btw, how did they get around PKP's rule about using the interface provided which uses DES ?
-----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 2001,MIC-CLEAR Originator-Name: cme@ellisun.sw.stratus.com Originator-Key-Asymmetric: MIGbMAoGBFUIAQECAgP+A4GMADCBiAKBgCl79/jl0DEVl1GQzOHlzjDmChDDxnWO Acd7jShj2x1vclFh6vbHx9IJqkQdwNhNAWf8XnTrqBDN+VSBc1qdT6nSEAbNPxHD XcvY2DudhuRaRBVLgUQ4scTK657m90Q+bTL5yIh2MaFipUw9BgbIXPTDlksSskWP 9oHjo+pCJC+lAgMBAAE= MIC-Info: RSA-MD5,RSA, DT+ZyepTl4TuHEa3jiojjmLnH8GYnfP2owhSC0rQO7sq6vsmgUifrl/usgJ4VckB kxc7p7GK1kMeqPRG/1LLHcZDpOYvWEhbLSmV/xKpZ+nmj/wd0oBARuxd7nmRnxbS DE4WJzaT3I3rhREjtY0fjB/WFZCglu5IpOgsHuGlY/0= On Aug 25, 5:05pm, Timothy Newsham wrote:
But look on the bright side...
This will blow David Sternlight out of the water!
will it? the NSA seems to be pretty happy with the way PKP handles things. PKP has an arangement with viacrypt not to release source. It might be safe, but I wouldnt trust it given the way that the NSA pushes commerce to install backdoors in strong encryption.
As long as there is an approved version (ie., non-commercial, made by the PGP cabal) -- interoperability will prevent any sneaking of back doors into the message stream. The only place to worry is with key generation, both IDEA and RSA. I wouldn't be surprised if they're using the BSAFE object code or something equivalent. In that case, key generation (random number routines, actually) might be outside the package. Does anyone here know?
btw, how did they get around PKP's rule about using the interface provided which uses DES ?
If they're using a general purpose, purchased library from RSA (not RSAREF) then there's no built-in DES limitation. Meanwhile, I'm looking forward to the commercial version, for my machine here at work. Until then, I'm limited to RIPEM -- which few others on this list speak. - <<Disclaimer: All opinions expressed are my own, of course.>> - Carl Ellison cme@sw.stratus.com - Stratus Computer Inc. M3-2-BKW TEL: (508)460-2783 - 55 Fairbanks Boulevard ; Marlborough MA 01752-1298 FAX: (508)624-7488 -----BEGIN RIPEM PUBLIC KEY----- User: cme@ellisun.sw.stratus.com PublicKeyInfo: MIGbMAoGBFUIAQECAgP+A4GMADCBiAKBgCl79/jl0DEVl1GQzOHlzjDmChDDxnWO Acd7jShj2x1vclFh6vbHx9IJqkQdwNhNAWf8XnTrqBDN+VSBc1qdT6nSEAbNPxHD XcvY2DudhuRaRBVLgUQ4scTK657m90Q+bTL5yIh2MaFipUw9BgbIXPTDlksSskWP 9oHjo+pCJC+lAgMBAAE= MD5OfPublicKey: 39D9860686A9F075A9A83D49589C677A -----END RIPEM PUBLIC KEY-----
-- End of excerpt from Timothy Newsham
-----END PRIVACY-ENHANCED MESSAGE-----
participants (3)
-
Christian D. Odhner -
cme@ellisun.sw.stratus.com -
Timothy Newsham