When Ray Ozzie announced the work reduction sellout at the RSA conference, both he and Ms Denning (whom I spoke with about it later) mentioned that there was something else in Lotus Notes 4 besides the 40+24 bit compromise. My thought is that the NSA gave them something else in exchange for the mandatory escrow scheme they're all talking about publicly. Perhaps some other crypto code the NSA had lying around unused. So looking for a common 24-bit subkey may reduce Notes' key to a 40-bit brute force exercise but the 40+24 is probably not ALL that's in Notes 4. Definitely a deal with the Devil. Given that we're talking about IBM, not Lotus none of this surprises me given IBM's Lucifer/DES history with spook input years ago. Then again to be fair, I don't know if the 40+24 deal was cooked up before or after the IBM/Lotus merger. Jerry Whiting Azalea Software, Inc. P.S. Yes, I'm the one doing carrick "Encryption software so good, the Feds won't let us export it." In fact, we schedule for a visit from the NSA next month regarding our desire to export carrick to Australia. The mere mention of a Blowfish-based crypto product left my assigned spook momentarly speechless. Something tells me they ain't gonna let carrick out of the country with a key length worth using. AND I DEFINITELY AIN'T INTERSTED IN MAKING A DEAL WITH THE DEVIL.