At 10:06 AM 11/29/00 +0100, [EMAIL PROTECTED] wrote:
>You have to agree that the "not using patented algorithms" thing
>solves the problem once and for all, if in a somewhat Gordian way
>(partly breaking backwards compatibility). We would never had any
>problems if not for PGP screwing it up -- by using potentially
>problematic pieces of code.
PGP1.x used Bass-O-Matic, which had no patent problems :-) Also RSA,
which had far more serious problems in the US than mere patents.
PGP2.x used IDEA, which was patented but free for non-commercial use,
and used RSA blatantly and unapologetically in violation of patent,
so the restrictions on IDEA were mild in comparison.
PGP 2.5 and later used RSAREF in the US, which could be used for free
for non-commercial use, still more restrictive than IDEA,
but had copyright problems outside the US, because of RSA's license.
The PGP 2.6.x international versions used homebrew RSA implementations,
which were patent-free outside the US (except maybe for Canada, I forget),
but still used IDEA, which is patented in Europe, US, and a few
other places, but not everywhere in the world.
>As PGP's track record went from "angelic"
>to "distinctly tarnished", I stopped using it. Many other people I
>know did as well. I've switched to GPG, which hasn't got any track
>record so far, once it became stable. We'll wait and see how they do.
Thanks!
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
