Tough Choices: PGP vs. RSA Data Security

Phil Karn karn at qualcomm.com
Thu Apr 29 12:09:02 PDT 1993


I think the ball's already in Bidzos's court. Consider the following Bidzos
quote a few days ago on the "billcryp" list:

	You have it correct, but let me expand a bit. It would be a bad
	business decision for us to try to keep *anyone* out of the market
	with patents because we disagree with their approach.  Remember,
	personal choice crypto isn't outlawed yet.

Now the context of this quote was whether RSA could use its patents to
try to squash the more objectionable aspects of Clipper (particularly
key registration), but his wording is (perhaps unintentionally) much
more revealing. It implies to me that licensing PGP would be in
RSADSI's best business interests.  And so it would, if not for the
personal animosity between Bidzos and Zimmerman.

I sent a note to Bidzos asking him this exact question, but I have not
yet received a reply.

I am yet another person who would be glad to pay RSADSI a reasonable
fee to use RSA in the form of PGP. Cost is really not the main issue
here; PGP is the product I want to use, plain and simple. Nothing else
matches its features, especially the "web of trust" model for
certificates and the widespread availability of source code for
inspection.  Mailsafe isn't even in the running.

I use PGP only occasionally, in a personal and educational mode. I
would very much like to be able to recommend it to my company for
business use, but I can't do that under the present circumstances. And
that's too bad.

Phil







More information about the cypherpunks-legacy mailing list