At last I have read the operating instructions for PGP 2.2. I am impressed. I raised the issue of trusting PGP. John Draper correctly suggested that it was possible to trust PGP because the code was available for inspection. I agree that this places PGP far ahead of various competition regarding trust. I propose, however, that if there were a single specification that covered various file formats and perhaps program logic, PGP would eventually gain substantially more trust. Here is why.

As it is now, someone who reads the code to establish his trust in PGP must be familiar with C, in which PGP is written, number theory, and various crypto threats and weaknesses. There are certainly such people. If, however, there were one operating specification, then many more people would be attracted to the effort, ultimately yielding greater trust in PGP. Cryptographers without the skill or tenacity to read the code could contribute, as could programmers without the crypto theory. Each class would consult the specs: the programmers to verify that the code implemented the specs, and the cryptographers to ponder whether programs with such specs were appropriate for their market.

Such specifications are required for government-rated secure software for just this reason.
participants (1)
-
norm@netcom.com