From: Wes Landaker Area: Public Key Encryption To: John Stephenson 11 Nov 94 18:16:26 Subject: PGP versions UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello John! 10 Nov 94 16:19, John Stephenson wrote to Shawn McMahon: JS> I'm curious about something.. I've heard that RSAREF is simply JS> another method of using RSA, but it's a slower alogrythm.. It JS> didn't kick in for a while but whoever said that is wrong, or JS> else RSAREF could decode, and encode to RSA -- which of course is JS> false. So, what truely IS the difference between RSA & RSAREF? I JS> know that RSAREF has been tested less throughly, but what about JS> the actual alog.? RSAREF _DOES_ encode and decode RSA. =) The difference between RSA and RSAREF is that RSA is the Rivest-Shamir-Adelmen public key encryption alogrythm, and RSAREF is the public programming library that the owners of RSA provide. =) wjl [Team OS/2] * 1:202/322@fidonet.org * wjl@dstorm.jd.com * * UUCP: nosc!jadpc!dstorm!wjl * PGP Key: C0E9A805 * FREQ: PGPKEY * -----BEGIN PGP SIGNATURE----- Version: 2.61 iQCVAwUBLsQl9gUBVGzA6agFAQFqiQQAgizhVAwBvlbpII3/x6DjSznq17yPNOeD AyEHrF0Z+NhnO5doj3FB323M9ldfjmN4tK1WbAeeeH/tjuq/0l/ZBmPHc9oX2awv ent93ZW4bI7dfic2gtBYvXbkBVlCt3JnsZWCN0bituNJnmoaj7ckKgkfF1KuwZ4Y eCfBtN71mx8= =V70T -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Shawn K. Quinn Area: Public Key Encryption To: All 8 Nov 94 17:03:30 Subject: ECPA and sysop only echos UpdReq Does the ECPA apply to sysop-only and other "non-public" echos (such as DuckNet's CHO_MEMBER, reserved for CHO members only)? Someone told me it did, but I wasn't completely sure. Where exactly is the line drawn on matters of this type. SKQ ... WORK HARDER! Millions on welfare depend on YOU!! 201434369420143436942014343694201434369420143436942014343694718 From: David Rye Area: Public Key Encryption To: Christopher Baker 12 Nov 94 23:29:34 Subject: pgp262 for os2 UpdReq Hello Christopher... Tuesday November 08 1994, Christopher Baker wrote to David Rye: CB> the compile was sent to them over two weeks ago but they are still CB> sitting on it. Phil is out of the country and we don't know what the CB> holdup is. CB> it is being checked. I'll wait for your announcement. :-) L8er Dave dr94cb@badger.ac.brocku.ca Team OS/2 ... Manners are noises you don't make while eating soup. 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: Dennis Eshelman 12 Nov 94 16:48:04 Subject: Re: legal PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- In a message dated: 08 Nov 94, Dennis Eshelman was quoted as saying: DE> I'm trying to say, is what is the future of public-key encryption? DE> Should I go ahead and post my public key, in PKEY_DROP, from 2.6.2? yes. 2.6.2 will lead to 3.0. 2.6.2 can read anything made by versions back to 2.3. pre-2.3 versions cannot read encryption or keys from 2.6.2. this is not a real problem since 2.6.2 is the current version and 2.3 should be abandoned just as 1.0 and 2.0 were in their time. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: PGP 2.6.2 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLsU4F8sQPBL4miT5AQGjVQQAl6AYS3FpbOxYSkiHeDT+THP3fNw0Az3a ykaYckvhh13lgkh8mO24hRGerqB+72Q8kkXv5aNImo1zXRo69NyGC9uya53ywems B/xw2TU4juovezogsESuEsh8TgjLHFr/J1QxyehL+3LmPTXYBoDQpbhfHntC/eox RxuZ/lj4ySg= =dwgJ -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Brian Giroux Area: Public Key Encryption To: All 13 Nov 94 10:10:00 Subject: MULTIPLE QUESTIONS... UpdReq I have several questions about using PGP. I have noticed that some people use multiple IDs on a single key. What are the pros and cons of doing this instead of issuing a separate key for each ID? When a person has multiple IDs on key, and other people have signed the key, the sigs appear under different IDs. For example, it appears as if persons 1, 2, and 3 signed ID (A), person 4 signed ID (B), and persons 5 and 6 signed ID (C). Is there a reason for signing a specific ID? Is there a way to get keys from a key server through FidoNet? The closest I can get to InterNet is sending mail to an InterNet address. What happens if I certify someone's key, and they turn out to be someone who just certifies people's keys without checking them out? Wouldn't I end up with keys that are marginally trusted, but really can't be trusted at all? In my "CONFIG.TXT" file, I changed the following settings: COMPLETES_NEEDED=2 MARGINALS_NEEDED=4 CERT_DEPTH=5 Does this look overly cautious to anyone? That's all my questions for now. Thanks in advance for any help. Brian Giroux PGP public key available * 1st 1.11 #1757 * The irony of life is that no one gets out alive. 201434369420143436942014343694201434369420143436942014343694718 From: Ian Hebert Area: Public Key Encryption To: Carl Hudkins 11 Nov 94 02:19:10 Subject: GOP vs. Clipper...? UpdReq CH> Even though I would rather have seen my party keep control of CH> the legislative branch (home-team kind of thing :) I am hoping that CH> since the Republicans say they are against "big government" they will CH> help put Clipper in the pine box where it belongs. CH> Does anybody have any educated info on this? Wasn't it President Bush who started the whole Clipper nonsense? Ian Hebert London, Ontario, Canada RIME: HOMEBASE Fido: 1:2401/114 Internet: ian.hebert@homebase.com PGP Key: 1024 / 077A2F7F 1993/02/11 PGP Key Fingerprint: A2 15 DE 22 DA FE D4 DC 0F 17 43 24 1F F2 1E 7B * RM 1.3 * Eval Day 266 * Modernize? I'm already looking for the latest CP/M software! 201434369420143436942014343694201434369420143436942014343694718 From: Ian Hebert Area: Public Key Encryption To: John Stephenson 12 Nov 94 00:46:10 Subject: PGP versions UpdReq JS> IL> And how do you feel about PGP 2.3a? That's what I use. I don't JS> IL> trust the 2.6+ versions but I do have 2.6ui to pretend it's JS> IL> any version. JS> SM> I'm curious; how come you trust Phil Zimmerman's word JS> SM> about 2.3a, but you don't trust his word about later versions? JS> I'm curious about something.. I've heard that RSAREF is simply another method JS> of using RSA, but it's a slower alogrythm.. It didn't kick in for a while but JS> whoever said that is wrong, or else RSAREF could decode, and encode to RSA -- JS> which of course is false. So, what truely IS the difference between RSA & JS> RSAREF? I know that RSAREF has been tested less throughly, but what about the JS> actual alog.? RSAREF is simply the implementation of RSA written by RSA Data Security, Inc. It is licensed for non-commercial use within the United States without payment of patent royalties that would otherwise be payable. RSAREF and Phil's original routines are interoperable; however the RSAREF code is said to be somewhat less efficient, and therefore slower. RSA Data Security Inc. contends that users in the United States cannot legally use PGP 2.3a and prior versions without infringing on their patents. That is why MIT had to become involved; the patent owner is MIT--it was MIT who sold the rights to the patent to RSA Data Security Inc. I don't believe it is correct to state that RSAREF has not been tested thoroughly. I believe that Dr. Rivest (the R in RSA) was involved in the development RSAREF. Ian Hebert London, Ontario, Canada RIME: HOMEBASE Fido: 1:2401/114 Internet: ian.hebert@homebase.com PGP Key: 1024 / 077A2F7F 1993/02/11 PGP Key Fingerprint: A2 15 DE 22 DA FE D4 DC 0F 17 43 24 1F F2 1E 7B * RM 1.3 * Eval Day 266 * Modernize? I'm already looking for the latest CP/M software! 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: Jim Cannell 14 Nov 94 11:39:30 Subject: PKZIP security UpdReq Despite the stern warnings of the tribal elders, Jim Cannell said this to All: JC> Does anyone know about a method for cracking PKZIP passwords? Is JC> there a program (or a least an algorithm) available for this? JC> If so, where can I get a copy. Thanks. I've got one for hurling a dictionary at it quickly, but not one that does actual cryptanalysis. Want it? You have to provide your own dictionary with it. 201434369420143436942014343694201434369420143436942014343694718