On Tue, 27 Oct 1998, Bjoern Labitzke wrote:

: > Actually, the commercial version of PGP 5.0 _is_ interworkable with 2.6 - it
: > allows you to create 2.x RSA keys as well as sign using 2.x keys.  The
: > freeware version can only make use of existing 2.x keys for encryption, and
: > connot generate 2.x keys (you're stuck with the 5.x Diffie-Hellman keys).
: 
: Sorry, that's not quite right either. The freeware source for Unix systems
: of 5.0i

Uh, 5.0i is not quite freeware, and is not *the* Freeware version of PGP.
The PGP freeware version I refer to is the PGPfreeware code that you get
from MIT's distribution site and ultimately from Network Associates, NOT the
code from www.pgpi.com scanned from the PGP books.

: > The source for PGP 5.0 is available through www.pgpi.com (NO, not
: > www.pgp.com), but because of the licensing, isn't legal to *use* anywhere,
: > just to read.  ;)
: 
: I am no expert here, but AFAIK the source was exported correctly (via
: publishing a book and scanning that in), so the code is free and CAN be
: used internationally! Of course you aren't allowed to export the source in
: digital form.

It's not exporting of the crypto code that is the licensing issue.  It's USE
of all the code in PGP.  From interpretations of the license from several
sources, the books are sold under a license of "research use only" and
explicitly prohibit actual use of code obtained from those books without an
appropriate license.  (That doesn't mean that NA doesn't _overlook_ 5.0i
users, at least for now.)

-- 
-- Todd Vierling (Personal tv@pobox.com; Bus. todd_vierling@xn.xerox.com)