Re: My 2.3a Key is listed as a 2.6 (Aaargh!)
Haa, *my* key was also converted to a 2.6 key (certainly just s/2.3a/2.6/g; , but it _is_ a 2.6-Key now). Now my public key is a 2.6 key and I am not allowed to have or use 2.6, because I'm german. Isn't it lovely? Hadmut
In-reply-to: Your message dated: Wed, 25 May 1994 23:38:17
*my* key was also converted to a 2.6 key (certainly just s/2.3a/2.6/g; , but it _is_ a 2.6-Key now).
Now my public key is a 2.6 key and I am not allowed to have or use 2.6, because I'm german. Isn't it lovely?
Maybe we should request to remove our keys? Tomaz
Maybe we should request to remove our keys? Unfortunately, it wouldn't do much good. The keyservers have no exclude list, so even if they removed it, someone could reload it back onto the keyserver and it would reappear. This flaw is not, at root, a flaw with the keyservers but a flaw with the key distribution in PGP. You can't have a public key be anything other than completely public, that is, you can't restrict the distribution of a key in any way. Why might not a key be made public? The publication of a key sends a message, and the message is this: "An identity of this name exists". If you're worried about traffic analysis, you might well also be concerned that there is knowledge that a particular key is being used at all. If you don't want everybody to be able to verify your signatures, but wish to select those who may, PGP offers facility for this. There is no way to represent this desire syntactically and no way to enforce the desire. Why might not one want a key distributed? It indicates use of cryptography, for one, and, perhaps, the use of patent-infringing cryptography. Eric
Wednesday May 25 1994 23:50 danisch@ira.uka.de (Hadmut Danisch) wrote: [edited] HD> Subject: Re: My 2.3a Key is listed as a 2.6 (Aaargh!) HD> Message-Id: <9405252138.AA24321@tartarus.ira.uka.de> HD> Date: 25 May 1994 23:50:52 +0200 HD> Haa, HD> *my* key was also converted to a 2.6 key HD> (certainly just s/2.3a/2.6/g; , but it _is_ a 2.6-Key now). Mine says it's 2.7. ;-) HD> Now my public key is a 2.6 key and I am not allowed HD> to have or use 2.6, because I'm german. Isn't it lovely? I don't like to read this list and see that many posts are about the political problems with ITAR, patents and copyrights. Actually, I'm just a simple software type, so I'm glad I read somewhere (here?) that the source to PGP 2.6 will be released, so that we can correct any problems introduced in it for political reasons. As to not being allowed to have or use 2.6 in Europe, what makes you think so? I may be wrong, but I thought the only obstacle was that it may not be exported to us due to ITAR. Once it's available here there's nothing wrong with having or using it. I've seen PGP 2.5 flowing through European wires, so I think that 2.6 will come here too (if it hasn't come already). Which makes this whole mess with ITAR, patents, copyrights and US and maybe Canada only ftp sites even more difficult to understand for an outsider like me. What's the point of all this, if cyberspace knows no borders? What are MIT and RSA up to? Should this be discussed in alt.conspiracy? ;-) I humbly admit that I'm clueless... HD> Hadmut CU, Sico (sico@aps.hacktic.nl). [PGP public key:] bits/keyID Date User ID 1024/5142B9 1992/09/09 Sico Bruins <Fido: 2:280/404> Key fingerprint = 16 9A E1 12 37 6D FB 09 F6 AD 55 C6 BB 25 AC 25 (InterNet: sico@aps.hacktic.nl)
. What's the point of all this, if cyberspace knows no borders? What are MIT and RSA up to? Should this be discussed in alt.conspiracy? ;-)
Well, I can't answer for RSA, but MIT is making a US-legal version of PGP... The incompatibility is a concession that had to be made to get the approval of RSA. -derek
participants (5)
-
danisch@ira.uka.de -
Derek Atkins -
hughes@ah.com -
sico@aps.hacktic.nl -
Tomaz Borstnar