Uhh....

1) The version of 5.0i (and 5.5i for that matter) is perfectly legal and
is exported legally from the states. It can be "used in almost any country
in the world," according to www.pgpi.com. 

2) I just generated a 2.x-style RSA-based public/secret keypair that work
fine with 2.x .. what versions are you talking about..? 5.x(i) works
perfectly with 2.x version of PGP. I refuse to use anything but the
international version for this type of reason alone.. The only thing I
can't do is share a diffie-hellman key with an old 2.6-user.

marc tooley
sudog@dcss.douglas.bc.ca
p.s. even though 5.0 is available from pgpi.com, there really isn't a
reason to use it..  why bother with annoying restrictions?

> : This may start a flame war I realize, but I have it from a security pro 
> : that between 2.6.x and 5.0 some of the very basics changed (2.6 and 5.0 
> : encoded messages are not interchangeable?) and they no longer make their 
> : source available.  If you're really paranoid, this rings bells....of 
> : course, if you're this paranoid, you probably hear bells a lot.
> 
> Actually, the commercial version of PGP 5.0 _is_ interworkable with 2.6 - it
> allows you to create 2.x RSA keys as well as sign using 2.x keys.  The
> freeware version can only make use of existing 2.x keys for encryption, and
> connot generate 2.x keys (you're stuck with the 5.x Diffie-Hellman keys).
> 
> The source for PGP 5.0 is available through www.pgpi.com (NO, not
> www.pgp.com), but because of the licensing, isn't legal to *use* anywhere,
> just to read.  ;)