[Wolves] PGP

Jon Farmer jonfarmer at enta.net
Thu Aug 12 13:58:20 BST 2004


Peter Evans wrote:


> Can't recall who asked about access to the Verisign (and allied commerical) 
> cryptographic code.  The short answer is you can't get access to the code, 
> that's proprietary and company copyrighted.  I believe this to be true for 
> Verisign and other crypto providers, but I have make it clear that this is 
> only my understanding and as I don't work for any of them I can't be sure 
> that it's completely accurate.  If someone does know of a commercial crypto 
> house that publishes it's source code then please let us know.  What should 
> be freely available to all is the algorithms that these companies use upon 
> which their product is based.

Algorithms alone are no good. You need to know if there are any back 
doors or other vunerabilities in the software. Some have alleged in the 
past that the NSA has a back door into PGP. Having the source code 
allows you to find out for yourself if there are any back doors or other 
nasties in your product of choice.

Regards

Jon



-- 
Jon Farmer
Systems Programmer
Entanet International Ltd
GPG Fingerprint ABCB 6E92 59B8 001F FE9C  0817 A2D6 0151 FF49 9040
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://mailman.lug.org.uk/pipermail/wolves/attachments/20040812/95224968/signature-0001.bin


More information about the Wolves mailing list