[ISN] PGP Opens Up Encryption Source Code

R. A. Hettinga rah at shipwright.com
Thu Dec 5 11:48:17 EST 2002


--- begin forwarded text


Status: RO
Date: Thu, 5 Dec 2002 01:00:19 -0600 (CST)
From: InfoSec News <isn at c4i.org>
To: isn at attrition.org
Subject: [ISN] PGP Opens Up Encryption Source Code
Sender: owner-isn at attrition.org
Reply-To: InfoSec News <isn at c4i.org>

http://www.eweek.com/article2/0,3959,746602,00.asp

By Dennis Fisher
December 4, 2002

Newly formed PGP Corp. took a big step Monday toward endearing itself
to cryptography enthusiasts and privacy advocates by releasing the
source code for its flagship line of encryption products.

The code for the entire PGP 8.0 line - which was also introduced
Monday - is available on the company's Web site for free download.
This move is a resurrection of the policy of openness and freedom that
led to the creation of the original Pretty Good Privacy software more
than 10 years ago and was a hallmark of the now-defunct PGP Inc.

Users can download and review the code for free but cannot reuse or
modify it.

The publication of cryptographic algorithms and source code for
encryption products has long been a common way for cryptographers and
developers to test the strength and security of their products. But as
more and more of the original freeware and shareware encryption
products moved into the corporate realm, the practice has gradually
fallen out of favor.

When PGP Corp. announced its formation earlier this year, company
officials made a point of saying that they would release the PGP
source code. The company purchased the PGP product line from Network
Associates Inc., which had bought the original PGP Inc. business from
Phil Zimmermann, the product's creator.

NAI's refusal to release the PGP source code was one of the reasons
that Zimmermann eventually left NAI.

"PGP is the only security software company sufficiently committed to
product integrity and security to publish its intellectual property in
the form of source code for peer review," said Phil Dunkelberger,
president and CEO of PGP, based in Palo Alto, Calif. "We believe that
releasing the source code for security-related software should be a
standard industry practice and a requirement of any serious security
vendor."

The PGP 8.0 line includes both Windows and Macintosh versions of the
PGP Desktop, PGP Enterprise and PGP Personal as well as a new version
of PGP Freeware. The Macintosh products include support for OS X, and
the Windows line now supports XP and XP Office.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo at attrition.org with 'unsubscribe isn'
in the BODY of the mail.

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list