ietf-openpgp

Interoperability Policy of PGP Inc Clarified

1997-11-23 17:27:04
Attached is a conversation between David Sternlight and PGP Inc's Will
Price conducted on mac-crypto (and X-posted by Bob Hettinga).

I believe this offers sufficient insight into the interoperability issue
to be of importance to this WG.  I am cross-posting without comment for
the moment.

=====================8<===================

At 5:30 PM -0800 11/22/97, David Sternlight wrote:
And while you're introducing gratuitous issues unrelated to the discussion,
why did PGP disable RSA key generation in Free PGP 5.0, and remove RSA
compatibility completely from Free PGP 5.5?

Very simple.  How can we with good conscience allow users to generate keys
which we don't feel meet our security standards?  We can't.  Case closed.
If you're unfamiliar with why RSA keys are not as secure as we'd like, you
should check archives of the newsgroups for the past few years.  The
weaknesses of MD5 and the KeyID attacks were the two primary security
issues we felt absolutely had to be addressed in 5.0.  The development team
couldn't have cared less about RSA licensing issues.  The only issue was
security.  Fixing those required a new key format.  As long as we were
changing the key format, we decided to switch to unencumbered algorithms at
the same time since the hit was the same either way -- everyone would need
new keys.  If a particular user doesn't mind the security issues with RSA
keys, they should feel free to continue using them although the number of
versions supporting those keys available from us will undoubtedly continue
to dwindle, and at the same time the number of versions and platforms
supporting DH/DSS keys will continue to grow dramatically.

-Will


Will Price, Architect/Sr. Mgr.
Pretty Good Privacy, Inc.
555 Twin Dolphin Dr, Ste.570
Redwood Shores, CA 94065
Direct (650)596-1956
Main   (650)572-0430
Fax    (650)631-1033
Pager  (310)247-6595
wprice(_at_)pgp(_dot_)com
=====================8<===================



-- 
iang                                      systemics.com

FP: 1189 4417 F202 5DBD  5DF3 4FCD 3685 FDDE on pgp.com

  • Interoperability Policy of PGP Inc Clarified, Ian Grigg <=