18 March 1998: See Phil Zimmermann message
17 March 1998: Add messages
16 March 1998
[JYA Note: Thread picked up in mid-stride to focus on OpenPGP.] Date: Thu, 12 Mar 1998 09:59:01 -0800 To: cypherpunks@cyberpass.net From: Tim May <tcmay@got.net> Subject: Monkeywrenching PGP in their own corporate offices? At 8:49 PM -0800 3/11/98, Bill Frantz wrote: >At 7:09 PM -0800 3/10/98, pnet@proliberty.com wrote: >>It is amazing that even cypherpunks would be so naive as to hold a meeting >>within the offices of Network Associates. Everybody would like to believe >>that they can trust PGP, Inc. without considering who controls PGP, Inc. >>now and where their true allegiances lie. Hell, even if you can trust PGP, >>Inc., that would be all the more reason to assume that their offices are >>bugged by the spooks. Better to hold your meeting outside in the park or at >>some fast food joint, IMO. > >Why? Anyone who comes to a cypherpunks meeting and reveals something that >is blatantly illegal runs the risk that someone else at the meeting will >turn them in. Whether the bug is in the wall or on the person doesn't >matter. [Snip FBI humor] Seriously, I haven't been to any of the Cypherpunks meetings since the NSA, er, I mean Network Associates, acquired PGP. I know that Trusted Information Systems is deeply committed to citizen-unit tracking and tracing systems, and is a leader in GAK. (Hey, one of their folks working on GAK coined the term, as we all should know.) I honestly cannot conceive of how the freedom fighter-friendly PGP will suvive in the same company with the GAK-friendly TIS and Network Associates. I don't know what will become of PGP. Frankly, I'm not hearing much out of them of any sort. Maybe it's just a lull between product announcements. But I sure as hell know that much of what we talk about, or _talked_ about, is about monkeywrenching commercial products like PGP, about dispersing them in contravention of their own dispersion plans, etc. So I'm not particularly comfortable discussing ways to monkeywrench TIS and Network Associates and their "GAKware" right their in their own fucking offices! Pardon my French. --Tim May Just Say No to "Big Brother Inside" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^3,021,377 | black markets, collapse of governments.
Date: Mon, 16 Mar 98 16:04:47 PST From: jim@mentat.com (Jim Gillogly) To: cypherpunks@cyberpass.net Subject: Re: Monkeywrenching PGP in their own corporate offices? > Tim writes: > > Seriously, I haven't been to any of the Cypherpunks meetings since the NSA, > > er, I mean Network Associates, acquired PGP. I know that Trusted > > Information Systems is deeply committed to citizen-unit tracking and... Jan writes: > NSA got the PGP Inc.??? Or so you think? Well, if it is true, then the > free cypherpunk society got a BIG problem. One of its bastions is under > seage. I agree, whether you meant "under sewage" or "under siege". However, there are still earlier source-available versions of PGP around, so private communication isn't impaired for the non-mass-market users. Other products such as Crypto Kong may gain more acceptance as PGP's reputation capital is pissed away and new versions of PGP become increasingly non-interoperable with source-available ones, fragmenting the user population further. But with NA talking about becoming a Key Recovery Alliance Partner [KRAP] again, it's not at all clear that they will have any good use for PGP in their arsenal. It's early days yet to see how long they'll keep PGP around, but I will be surprised if they retain PGP's historical openness with source code. They certainly won't be interested in keeping PGP's "in your face" attitude toward the government. If I were paranoid I might think they'd bought up PGP Inc. in order to eliminate a strong email competitor. Hurm... The real problem is that the one technology with the potential to be the default widely-deployed strong non-GAKed mail system is having its reputation tarnished by sharing a roof with the GAK crowd. Any replacement, be it Kong or anything else, would have to start from ground zero in name recognition and acceptance, and the government would have been able to roll back six years of progress. One ray of hope: if the OpenPGP spec gains wide acceptance we may see more (but not a thousand) free PGP-compatible flowers bloom. Jim Gillogly
Date: Tue, 17 Mar 1998 00:59:27 GMT From: Adam Back <aba@dcs.ex.ac.uk> To: jim@mentat.com CC: cypherpunks@cyberpass.net Subject: Re: Monkeywrenching PGP in their own corporate offices? Jim Gillogly <jim@mentat.com> writes: > But with NA talking about becoming a Key Recovery Alliance Partner > [KRAP] again, it's not at all clear that they will have any good use > for PGP in their arsenal. Are NA literally talking about joining KRAP again!? Is there another NA press release? Rumor? Discussed at NA offices PGP meet? > The real problem is that the one technology with the potential to be > the default widely-deployed strong non-GAKed mail system is having its > reputation tarnished by sharing a roof with the GAK crowd. Any > replacement, be it Kong or anything else, would have to start from > ground zero in name recognition and acceptance, and the government > would have been able to roll back six years of progress. One ray of > hope: if the OpenPGP spec gains wide acceptance we may see more (but > not a thousand) free PGP-compatible flowers bloom. We can hope. Freeware is the way to go. Commercial enterprises, particularly ones involving venture capitalists, and suits are a bad vehicle for a cypherpunk enterprise. Sameer (stronghold, www.c2.net for newcomers) is in a better position, at least they (various cpunks over there) own the whole company 100%. On OpenPGP gaining wide-deployment, observing ietf-open-pgp@imc.org list it seems that PGP are not as interested in open-pgp as one might have thought they would be. eg. compare volume on ietf-smime@imc.org to volume on open-pgp. smime has 10 - 100x more traffic. PGP has made essentially no progress on OpenPGP for months. Perhaps there are other good reasons for this (busy fighting off internal TIS GAKware advances, busy after re-shuffle, busy producing new code), but it leaves one thinking S/MIME will win by default if PGP can't even be bothered to edit drafts etc. It has also been commented a number of times that "Open" PGP isn't that open, and in fact is more like "Closed" PGP, in that for example Lutz Donnerhacke (not of PGP Inc) is working on a formal spec draft sort of within the IETF framework, yet when people mention this others go "huh? what formal spec?". Clearly there are lots of communications outside of the list. No personal insult intended to over-sensitive ex-cypherpunks inside the PGP corporate tent, just stating observable reality. One thing which I find mildly annoying here is that NA/PGP Inc are damaging "PGP" the name in various ways, and the name "PGP" now belongs to various corporate suits. Yet some of "PGP" the name's reputation, and popularity comes from the net users, and cypherpunks who popularised it. Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
Date: Mon, 16 Mar 98 17:20:03 PST From: jim@mentat.com (Jim Gillogly) To: cypherpunks@cyberpass.net Subject: Re: Monkeywrenching PGP in their own corporate offices? I said: > > But with NA talking about becoming a Key Recovery Alliance Partner > > [KRAP] again, it's not at all clear that they will have any good use > > for PGP in their arsenal. Adam responded: > Are NA literally talking about joining KRAP again!? Is there another > NA press release? Rumor? Discussed at NA offices PGP meet? It was discussed in a C/NET story: http://www.news.com/News/Item/0,4,19402,00.html I would love to hear a PGPer's assurance that it's not so. Any takers? A quote: Network Associates, which pulled out of the Key Recovery Alliance in December after acquiring Pretty Good Privacy, says it probably will rejoin the group after buying Trusted Information Systems. ... "It's highly likely that Network Associates will be a member," Network Associates chief executive Bill Larson said today. "The Key Recovery Alliance is a very important organization... Philosophically, we are bridging two discrete worlds--the PGP-Internet world and the TIS intelligence world." ... "Our belief is that you let customers choose," Larson added. "Customers have been asking PGP to put in key recovery. RecoverKey is a much better system for that." I keep rereading this and can't see much of a bright spot. The last bit appears to be saying RecoverKey will be put into PGP replacing the "Message Recovery" feature that was there, since Larson says the former is a better technology. Time will tell -- I'm sure the bedfellows are having more trouble adjusting than Ishmael and Queequeg. NA weren't on the kra.org list last time I checked. > On OpenPGP gaining wide-deployment, observing ietf-open-pgp@imc.org > list it seems that PGP are not as interested in open-pgp as one might > have thought they would be. eg. compare volume on ietf-smime@imc.org > to volume on open-pgp. smime has 10 - 100x more traffic. PGP has made > essentially no progress on OpenPGP for months. Perhaps there are Just last week saw draft-ietf-openpgp-formats-01.txt (or a name much like that) show up. Looks promising to me, but I agree progress has been glacial. I think it's more a result of overwork on the part of the proponents rather than lack of zeal, though: I believe Jon Callas and Hal Finney (the two authors from Network Associates) are still as committed to OpenPGP as they were before, and as their other co-authors Lutz Donnerhacke and Rodney Thayer. > times that "Open" PGP isn't that open, and in fact is more like > "Closed" PGP, in that for example Lutz Donnerhacke (not of PGP Inc) is > working on a formal spec draft sort of within the IETF framework, yet > when people mention this others go "huh? what formal spec?". Clearly > there are lots of communications outside of the list. I don't understand where that's coming from. Maybe with the first draft out we'll see more interaction. One can only hope. > One thing > which I find mildly annoying here is that NA/PGP Inc are damaging > "PGP" the name in various ways, and the name "PGP" now belongs to > various corporate suits. Yet some of "PGP" the name's reputation, and > popularity comes from the net users, and cypherpunks who popularised > it. Yup. We came to the dance together and they left with the rugger. Such is life in the geek world. Jim Gillogly
Date: Mon, 16 Mar 1998 18:43:57 -0800 To: cypherpunks@cyberpass.net From: Tim May <tcmay@got.net> Subject: The Cypherpunks Meeting, OpenPGP, and the TIS Merger At 4:04 PM -0800 3/16/98, Jim Gillogly wrote: >> Tim writes: >> > Seriously, I haven't been to any of the Cypherpunks meetings since the >>NSA, >> > er, I mean Network Associates, acquired PGP. I know that Trusted >> > Information Systems is deeply committed to citizen-unit tracking and... Perhaps because I had just written these lines, I decided on Saturday morning to get in my Explorer and drive the 60 miles over the mountains to the Cypherpunks meeting. No one has written up minutes on it (though Martin Minow was, as usual, taking notes into his Pilot), so I'll comment. To the extent I can without pissing off the Network Associates folks too much. (I don't believe anything I cite here was told to us or to me in confidence, as in "Don't repeat this" or the like.) >Jan writes: >> NSA got the PGP Inc.??? Or so you think? Well, if it is true, then the >> free cypherpunk society got a BIG problem. One of its bastions is under >> seage. > >I agree, whether you meant "under sewage" or "under siege". However, >there are still earlier source-available versions of PGP around, so >private communication isn't impaired for the non-mass-market users. There was much discussion of OpenPGP. According to the speaker (who shall remain nameless), OpenPGP will no longer support "key recovery" in any way whatsoever. Not as an optional field, no mention at all of "key recovery." (After market developers could presumably build some form of KR or GAK onto OpenPGP, with varying degrees of market penetration, but it WILL NOT BE IN THE SPEC!). This is major good news. Onr hope is that OpenPGP will become the mantle-bearer for the "spirit of PGP," with corporate narcs and fascists attempting in vain to "sell" the official PGP with Key Recovery to their sheeple. I predict that a successful OpenPGP will effectively kill off the GAK-friendly Corporate incarnation of PGP. (Left unclear is why the hell Network Associates would pay $30+ million for PGP, Inc., when its reputation capital is steadily draining into the San Francisco Bay. The TIS merger only raises doubts further.) OpenPGP will be based on a tighter kernel type of approach, so it will be integratable into nascent digital money and other Cypherpunks types of markets. Without any licensing needed, without any effective export controls, and with proper revolutionary credentials. Hurray! We also discussed at length the merger of Trusted Information Systems (TIS) into NAI. I speculated that as TIS was already spook-friendly, and as NAI paid roughly 10 times as much for TIS as for PGP, I felt it was only a matter of time before the crypto folks at TIS in Maryland began to call the shots. Even to the point of folding in the remains of PGP into TIS and moving any remaining programmers to Maryland. A current NAI/TNS/PGP employee expressed doubt about this scenario. He feels NAI paid $300 million for TIS primarily to get Gauntlet, the firewall product and expertise, and that TIS' crypto products would not be a major market force. We agreed that time will tell, and that in a year we'll know whose hunch was right. And the unfolding role of OpenPGP returns us to the revolutionary, kick-ass world of freely distributable unbreakable crypto. (Some of us have a poll on how fast the source code for the released version of OpenPGP will spread across the globe, kicking the NSA in the teeth. I said "2 days," but nobody would dispute this.) >Other products such as Crypto Kong may gain more acceptance as PGP's >reputation capital is pissed away and new versions of PGP become >increasingly non-interoperable with source-available ones, fragmenting >the user population further. But with NA talking about becoming a Key >Recovery Alliance Partner [KRAP] again, it's not at all clear that they >will have any good use for PGP in their arsenal. I got the impression that the corporate parent unit, NAI, has no idea where it stands on crypto. Certainly if they rejoin the KRAP, more PGP folks will leave. (PGP, Inc., and Phil Z., were apparently influential in getting NAI to resign from the KRAP. But that was before they brought TIS in, and TIS is deeply committed ot the KRAP.) (BTW, Phil Z. was not at the Saturday meeting, and he should not have the views expressed here, or in the Saturday meeting, attributed to him in any way.) >It's early days yet to see how long they'll keep PGP around, but I will >be surprised if they retain PGP's historical openness with source code. >They certainly won't be interested in keeping PGP's "in your face" >attitude toward the government. If I were paranoid I might think >they'd bought up PGP Inc. in order to eliminate a strong email >competitor. Hurm... Looks like it won't matter. Once OpenPGP is out, expect a massive PR campaign by folks like us, and others, to get everyone they know to switch to OpenPGP. This will likely spread to corporations, would be my strong hunch. >The real problem is that the one technology with the potential to be >the default widely-deployed strong non-GAKed mail system is having its >reputation tarnished by sharing a roof with the GAK crowd. Any >replacement, be it Kong or anything else, would have to start from >ground zero in name recognition and acceptance, and the government >would have been able to roll back six years of progress. One ray of >hope: if the OpenPGP spec gains wide acceptance we may see more (but >not a thousand) free PGP-compatible flowers bloom. Exactly. If Big Brother thought he could encourage some corporate sponsor to "rein in" PGP, he's going to be shocked to see what he gets. Louis Freeh can scream all he wants to about the spread of strong crypto, but freedom fighters and rebels around the world will pick OpenPGP over some TIS-affiliated GAKware in a microsecond. Other topics discussed at the meeting were Ian Goldberg's HINDE proposal. (HINDE is apparently pronounced "Hin-da," rhymes with Linda, not as in the Golden Hinde or the Devil taking the hindmost. Though the Be OS version will still presumbably be called BeHINDE.) And we had some entertaining discussions over pizza of persons seeking to trace putative connections between certain nyms and the Crown Prince of Lichtenstein. A Cypherpunk producer of actual products has moved his company to Monterey, so now there are more reasons for us to have a Santa Cruz-Monterey party or meeting. Perhaps I'll have one in a few months, or the other guy will. Either way, less driving for me. --Tim May Just Say No to "Big Brother Inside" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^3,021,377 | black markets, collapse of governments.
Date: Mon, 16 Mar 98 22:11:35 PST From: jim@mentat.com (Jim Gillogly) To: cypherpunks@cyberpass.net Subject: Re: The Cypherpunks Meeting, OpenPGP, and the TIS Merger Tom Paine writes: > First, I have not yet searched the web for info on OpenPGP, but take your The mail archive home page for the IETF OpenPGP group is at http://www.imc.org/ietf-open-pgp . A copy of the draft format document is available from that page and from John Young's page http://jya.com/crypto.htm . > How close is OpenPGP to actual release? > If such a product enhances freedom, what possible value could it be to NAI? > Would it substantially increase their revenues over GAK-ware? There seems to be some confusion here. The goal of the OpenPGP effort is not to create a specific program, but rather to promulgate an IETF standard that specifies how "standard" PGP programs will interoperate. This means the formats and procedures need to be formally specified to a rather fine level of detail. It is useful but not essential to have a reference implementation of a standard; Lutz Donnerhacke is producing such an implementation that he expects to be slow but provably accurate. I'm not sure what "provably" means in the context of a large program these days, but am willing to be convinced. This "formal" implementation is expected to be accurate but slow. Other faster implementations should follow in due course. The value of such a standard to Network Associates, if they plan to keep PGP in their product line, is that their PGP would interoperate with any vendor who decides to implement this IETF standard. An IETF standard has a great deal more credibility than a bunch of comments in released code that define the current state of a program. As far as the Suit World is concerned, the Network Associates PGP version would still be the flagship version of PGP. It'd be like the microcomputer situation 10 years ago: you could buy an IBM PC or you could buy a clone PC -- but Suits would always buy the IBM. Having such a standard would be a Good Thing for NA, and it would be a good thing for people who want widely available trustable implementations that interoperate with the probably more widely-distributed NA version. And in a few years, when free OpenPGP modules embedded in everything drive out expensive monolithic PGP programs, NA would still have some strong TIS products to pick up the slack, after having gotten a longish and profitable run for their investment -- as well as building up some reputation capital. If it flies. Note, however, that OpenPGP is not the only game in town -- S/MIME is also on the IETF standard track, and is eating the other end of the same banana that OpenPGP just peeled. There's probably not enough banana for both. Jim Gillogly
Date: Tue, 17 Mar 1998 08:08:54 GMT From: Adam Back <aba@dcs.ex.ac.uk> To: jim@mentat.com CC: cypherpunks@cyberpass.net Subject: Re: Monkeywrenching PGP in their own corporate offices? Jim Gillogly <jim@mentat.com> writes: > Adam responded: > > Are NA literally talking about joining KRAP again!? Is there another > > NA press release? Rumor? Discussed at NA offices PGP meet? > > http://www.news.com/News/Item/0,4,19402,00.html > > [NA press release] > > I keep rereading this and can't see much of a bright spot. The last > bit appears to be saying RecoverKey will be put into PGP replacing the > "Message Recovery" feature that was there, since Larson says the former > is a better technology. Time will tell -- I'm sure the bedfellows are > having more trouble adjusting than Ishmael and Queequeg. Some people at NA seem to have a penchant for making announcements and pronouncements which send PGP Inc's spin doctors scrabbling to undo! Left hand is merrily stabbing right hand. > NA weren't on the kra.org list last time I checked. Yes, but TIS are founding members, and still are members. So "a division of NA are members of KRAP", right? > > PGP has made > > essentially no progress on OpenPGP for months. Perhaps there are > > Just last week saw draft-ietf-openpgp-formats-01.txt (or a name much > like that) show up. Looks promising to me, but I agree progress has > been glacial. I think it's more a result of overwork on the part of > the proponents rather than lack of zeal, though: I believe Jon Callas > and Hal Finney (the two authors from Network Associates) are still as > committed to OpenPGP as they were before, and as their other co-authors > Lutz Donnerhacke and Rodney Thayer. I dunno what Rodney Thayers work load is, but he hasn't posted in a good while, and the comment was not a personal criticism of Hal (or Jon), but a statement of what can be observed. If they (Hal & Jon) are too overworked to commit much time we could read that as indicating that the people who dictate what they do with their time don't see fit to assign them time to work on OpenPGP. The worst aspect is that there appears to be no active editor of the main draft. ie comments are made and left to slide for a month or so, and disappear. Over on S/MIME you have employees from a dozen large companies actively discussing and editing drafts on a daily or even hourly basis, and half of those companies are GAK sell out companies. Appearances matter, it wouldn't cost PGP/NA that much to commit a bit of time to have an active editor. > > times that "Open" PGP isn't that open, and in fact is more like > > "Closed" PGP, in that for example Lutz Donnerhacke (not of PGP Inc) is > > working on a formal spec draft sort of within the IETF framework, yet > > when people mention this others go "huh? what formal spec?". Clearly > > there are lots of communications outside of the list. > > I don't understand where that's coming from. Maybe with the first > draft out we'll see more interaction. One can only hope. I think if I remember that it was Hal of all people who said "huh?". Yet Lutz I gather is under the distinct impression that he is working on a formal draft in the IETF OpenPGP framework. Little in the way of announcements, or mention of the formal draft, or draft versions on the IETF imc.org web site, though Lutz has some info on his own web site. > > One thing > > which I find mildly annoying here is that NA/PGP Inc are damaging > > "PGP" the name in various ways, and the name "PGP" now belongs to > > various corporate suits. Yet some of "PGP" the name's reputation, and > > popularity comes from the net users, and cypherpunks who popularised > > it. > > Yup. We came to the dance together and they left with the rugger. Such > is life in the geek world. Not at all intended as a whine that they got to run with the ball, more a comment that after running with the ball, they could show more delicacy about pissing away it's reputation. Adam
Date: Tue, 17 Mar 1998 08:29:25 GMT From: Adam Back <aba@dcs.ex.ac.uk> To: jim@mentat.com CC: cypherpunks@cyberpass.net Subject: S/MIME market dominance & PGP/TIS S/MIME? (Re: The Cypherpunks Meeting, OpenPGP, and the TIS Merger) Jim Gillogly <jim@mentat.com> writes: > Note, however, that OpenPGP is not the only game in town -- S/MIME is > also on the IETF standard track, and is eating the other end of the > same banana that OpenPGP just peeled. There's probably not enough > banana for both. To continue your analogy, S/MIME has eaten 99.9% of the banana and PGP/NA is nibbling un-enthusiastically on the remaining 0.1%. When people state the obvious that S/MIME has a lot more adopters and large companies actively interested in it, long time PGP enthusiasts like to defend and counter that yes, Netscape has the largest deployed base of crypto aware mail clients, but that few are using the secure mail features. I am sure this is true, however it ignores the larger picture: S/MIME is being adopted by lots of large companies, and mail client vendors (IBM, microsoft, netscape, and lots of others... basically everyone for practical purposes). It is being adopted on international standards (I am aware of this due to involvement with Euro standards process). This does not make me happy, as I see S/MIME as being dominated by the suits, and see X.509 certs as too heirarchical a key management design, with aspects involving GAK, and PKCS of course being dominated by the self interests of RSA DSI, all of which are of doubtful use for cypherpunks and the freedom and success of widespread unescrowed crypto. If I were NA I would be busy implementing PGP S/MIME or TIS S/MIME to hedge my bets. (In fact I would make software which could do both... something which it seems strange that PGP are not doing). Perhaps TIS already has an S/MIME implementation? Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`