tobold.org

correct • elegant • free

△ comp.mail.* △

◅ x400 vs internet debate

List of type/subtypes ▻

PEM

In article <24qmjq$ofj@tank.pipex.net> I (tim@pipex.net) mentioned PEM.

In article <CBx7u2.KJ8@cantua.canterbury.ac.nz> Jason Haar
<j.haar@csc.canterbury.ac.nz> writes:
>I can't understand how such a US-centric application can get into the
>RFCs. Don't forget your government won't allow such crypto-technology to
>be exported from the States. You won't be able to do more than use it
>between each other 'cause no-one else is allowed to.

*My* government?

Yes: PEM code developed in the US can't be exported outside North
America.  But there's nothing to stop you writing a PEM implementation
in New Zealand.  There are at least two PEM implementations being
written in the UK, and three or four others (one commercial, I
believe) in the rest of Europe.

Yes: it's far from an ideal situation.  I have an extremely low opinion
of PKP (Public Key Partners---the company that owns the relevant
cryptographic patents), and the US government, which seems to have
played into their hands.  I suspect PKP (and probably a bunch of
lawyers) stand to make quite a lot of money out of PEM.  But I don't
think the legal obstacles to widespread adoption of PEM are
insuperable.  (There are also technical, management, and political
obstacles of course.  I offer no opinion of these here.)

>We've got the same problem with Kerberos. Two of our major machine types
>support Kerberos in the latest releases, but as we're not in the States,
>the companies cannot include it in the distributions we get >:-( Yet the
>sales-droids still push it as a selling-point...

The problem here may be that Kerberos is down in the network layers (I
think?).  Since PEM is an application, you're not dependent on your
hardware vendor.

BTW, returning to the original theme of this thread, X.400 is just as
hampered (or otherwise) by patents as PEM, since it uses the same
cryptographic technology.

Disclaimer: I'm neither a lawyer, not a cryptographer.

Tim.
--
Tim Goodwin | tim@pipex.net  or | Usenet will also be converted to OSI-based
PIPEX Ltd   | tim@unipalm.co.uk | services in the long term - B Plattner et al.

Original headers:

From: tim@pipex.net (Tim Goodwin)
Newsgroups: comp.mail.mime
Subject: PEM (Privacy Enhanced Mail) (was Re: x400 vs internet debate)
Date: 18 Aug 1993 10:34:56 +0100
Organization: Pipex Ltd, Cambridge, UK.
Message-ID: <24st40$1k3@tank.pipex.net>
References: <zdunic.745566658@marsh> <24qmjq$ofj@tank.pipex.net>
  <CBx7u2.KJ8@cantua.canterbury.ac.nz>

△ comp.mail.* △

◅ x400 vs internet debate

List of type/subtypes ▻