Tough Choices: PGP vs. RSA Data Security

rjc at gnu.ai.mit.edu rjc at gnu.ai.mit.edu
Thu Apr 29 03:16:59 PDT 1993



   I partially agree with Tim, but RSA must be willing to make some compromises
on this. Mathematical/Algorithmic patents already face lots of opposition
in the user/programmer community, but charging high licensing fees on
such patents will inevitably force programmers to develop freeware
alternatives. I haven't seen Mailsafe, but from the reviews of it,
it sounds like it is vastly inferior to PGP and not worth $125.
It is also not "open" (e.g. you don't get source code?) which prevents
the cypherpunk community from making modifications that they want.
(I've also heard that RSA doesn't even support it well).

   A better course of action might be to remove the RSA engine from
PGP and distribute the source code, and a binary for free, but require
users to pay $30-50 to RSA to get the source code and binary for the
RSA engine.

  This maintains our flexibility to modify PGP as we see fit, but preserves
RSA's intellectual property. The downside is, platform portability
will be impacted slightly. 

  On the other hand, RSA could develop and maintain a PGP alternative
which has all the bells and whistles we like, and market it at reasonable
cost, say $50. (remember, Clipper chips will be cheaper than $40!)


  RSA's alternative is to have their patent become useless like most of the
compression patents through wide spread unauthorized used of their
algorithms.


-- Ray Cromwell        |    Engineering is the implementation of science;    --
-- EE/Math Student     |       politics is the implementation of faith.      --
-- rjc at gnu.ai.mit.edu  |                         - Zetetic Commentaries      --





More information about the cypherpunks-legacy mailing list