> Does anyone know of any definitive study of the relative security of > PGP6.5.8 vs. GnuPG 1.06 > -- > Robin Lynn Frank
The key recovery bug in PGP was fixed in 6.5.8, http://www.pgp.com/support/product-advisories/phil-message.asp, also fixed a while ago in GnuPG, that problem would be my main concern with older versions of GnuPG/PGP. As for relative security GnuPG is a LOT less code, and completely 100% no holds barred open source. PGP is huge and no longer fully open source. Remember, that key recovery bug was there for a few years before people caught it, despite both products being open source. Thus I would put a lot more faith in GnUPG, especially long term with portions of PGP 7.x not being open source (and Mister Zimmerman having left for Hushmail ... ). Kurt Seifried, [EMAIL PROTECTED] A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://www.seifried.org/security/
