This really came as no surprise to anyone who deals with RSA. Note I am only talking for myself when I write this, but there is a LOT of money to be made by someone (certicom?) if they can give a cross-platform rsa type solution. I mean RSA has a fairly good product,but I can name at elase two other companies who've had this exact same problem with cross-licensing. Really, does RSA expect Netscape or Microsoft to re-license every time they allow an oem to repackage thier products into or as part of a suite of programs with a third party vendor? RSA has a bunch of bullies at thier helm. They should realize that pulling this kind of crap will only make people jump ship faster when another company comes calling with a similar product and less restrictive licensing. I think that RSA should also realize that without PGP, their market would be much smaller, I think every time RSA licenses thier (now renewed) patents, they should think of Phil. I don't mean to saint the guy here or anything, but they owe him a debt that is difficult to quantify. By suing PGP they are basically saying , if I can extrapolate in a rather extreme manner, "privacy is okay, but only if we make money at it." And keep in mind , I don't begrudge RSA thier right to make money off thier intellectual property, but suing your customers except in the most extreme situations should be seen as a warning sign to the industry that to deal with RSA as a vendor is to take a risk that may be dangerous. Chris DiBona dibona@acm.org