From stewarts@ix.netcom.com Tue Jul 18 02:51:50 1995 Date: Mon, 17 Jul 1995 23:52:35 -0700

At 09:07 PM 7/17/95 -0400, tim werner wrote:

...

...

... I was talking to one of the sys admins at A-B, and he said that we weren't allowed to use PGP to encrypt our mail, because Viacrypt owned the commercial rights.

Actually, it's less clear than that.

Selling software containing the code is pretty clearly commercial. Non-commercial messages from your personal non-business machine are clearly non-commercial. Providing a service of encrypting and decrypting messages for people for money sounds like it's _very_ probably commercial. Encrypting and decrypting messages to/from your business that deal with money are a very gray area.

Maybe "commercial company" is the wrong expression. All I meant was that my company is not non-profit, or a university, or a government organization. It is an engineering firm. What I have in mind is nothing to do with a commercial use of encryption per se. If they decided to put encryption into a product, that would be something else entirely. I doubt they would ever be using it to accept payment for the stuff they sell, although I don't really know much about the marketing aspect of the business. Basically, I have two potential uses for it: 1) I have some email pen-pals that I would like to be able to use PGP to talk with. All my other accounts (freenet, school) have mail forwarded to what I think of as my email "home address", which is my work address. I would like to use that work account to process my email. Is it legal to use PGP 2.6.2 for this purpose? I'd also like to be able to tell fellow workers that they can use it, and show them how. 2) It's entirely likely that people within the company may wish to get into the habit of transmitting company data in encrypted form. This is not a question of incorporating the encryption technology into a product, or even into the sale of a product -- it's just a question of keeping intra-company information transfers private. The first is the one I'm really concerned with. The second would be sort of a natural extension that, if legal, would be nice. I can't imagine that these uses are subject to the ViaCrypt license, but I need some reassurance/ammunition in order to be a little more open about getting it installed on the machines in my department. thanks, tw -- Well, Bust My Britches! Eggs Almondine and a Bottle of Beaujolais!