Re: ADKs (was: Corporate use of gnupg)

On Tue, Feb 19, 2008 at 5:49 PM, David Shaw <dshaw@...> wrote:
> Even if the patent issue was resolved, it doesn't really solve much to
> have GPG follow the ADK. GPG is distributed as source - easy enough
> for someone to simply comment out the ADK code if they didn't want it
> to take effect.

Dear David,

Thank you for your long and clear reply. I take the point about the patent issues completely. However, just for a moment assuming that the patent issue could be solved in a way that would not upset PGP...

OpenPGP has done well in 'closed' environments (as you define them), but has always stumbled in more potentially open settings. This has always seemed to me a huge shame. There seem to be at least some settings where ADK makes sense and would encourage the use of PGP. Of course, it is simply a 'request', but it is a reasonable request and (as far as I can see) a much better way to handle these issues than saying to people 'please always encrypt to my corporate key manually'.

The point about ADK being something that can be circumvented is not, I think, a real issue. It has always seemed to me that ADK is something much more akin to all the other preferences already stored on a key - a request to PGP-compatible programs to encrypt data in a particular way. Since it would encourage the use of encryption in environments where it is not currently used, I would see it as nothing but a good thing. Although, of course, if there really are patent issues, it can't happen, but perhaps PGP Corp would/could be flexible on this point.

Best wishes,

N.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@...
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: ADKs

Nicholas Cole wrote:
> Although, of course, if there really are patent issues, it can't
> happen, but perhaps PGP Corp would/could be flexible on this point.

Not happening. GnuPG is already making inroads enough on the server market. ADK is one of the few features which (a) PGP can claim over GnuPG and (b) businesses want. If GnuPG implemented ADK-like features, that would likely present enough of a competitive threat to encourage PGP to wave the patent hammer.

The last time I talked to a patent lawyer about software (I had a nifty thing I wanted to implement and needed to make sure I wasn't walking into a patent lawsuit), I paid my $200/hr and got this bit of professional advice: "in today's software market, patents are used a lot more to keep other people out than to bring money in."

Assuming that my lawyer is accurate, the ADK patent would seem like an obvious one to use in such a way: it is more useful to PGP to have it around to keep competitors out of a certain part of the market than it would be to have it around to license to competitors to allow them into that certain part of the market.

Re: Corporate use of gnupg

Robert J. Hansen wrote:
| The last time I talked to a patent lawyer about software (I had a
| nifty thing I wanted to implement and needed to make sure I wasn't
| walking into a patent lawsuit), I paid my $200/hr and got this bit of
| professional advice: "in today's software market, patents are used a
| lot more to keep other people out than to bring money in."

Well, /I/ could've told you that. Don't tell me you never figured that out on your own.

David Shaw wrote:
| Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.
|
| Of course, they could turn around and take it right out again. Unless
| you have pretty tight control over the environment, ADKs or
| encrypt-tos are not foolproof (and that applies to both PGP and GPG).

Why can't they take away write privileges of gpg.conf (and the gpg executables for that matter) from normal users? AFAIK, that would be pretty simple (at least on a *nix system). Or did I overlook something important?

Re: Corporate use of gnupg

Andrew Berg wrote:
> Why can't they take away write privileges of gpg.conf (and the gpg
> executables for that matter) from normal users? AFAIK, that would be
> pretty simple (at least on a *nix system).

You'd need to take away write-rights from the directory where gpg.conf resides - but that also would prevent the user from filling his or her keyring. All those files are in ~/.gnupg after all...

You could probably put up all files in different directories and tell gnupg to use the files from certain locations. Or chown() the gnupg.conf to some other user. Not sure if gpg will read the file then though.

Alex.

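The directory-permission point in the message above, as an added example that is not part of the original thread: an audit that checks a gpg.conf for the `encrypt-to` line and reports whether mode bits let the user rewrite the file or replace it through a writable directory. The key ID, function names and finding labels are constructed for illustration; group membership and ACLs are ignored.

```python
import os
import stat
import tempfile

ADK_KEY = "0x1111222233334444"  # constructed placeholder key ID


def can_write(st, uid):
    """Mode-bit check only: owner bits if uid owns the path, else 'other' bits."""
    bit = stat.S_IWUSR if st.st_uid == uid else stat.S_IWOTH
    return bool(st.st_mode & bit)


def encrypt_to_keys(conf_text):
    """Key IDs named by encrypt-to lines; comment and blank lines are skipped."""
    keys = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "encrypt-to":
            keys.append(parts[1].upper())
    return keys


def audit(conf_path, adk_key, uid):
    """Return findings for one user's gpg.conf (empty list means none)."""
    findings = []
    with open(conf_path, encoding="utf-8") as fh:
        if adk_key.upper() not in encrypt_to_keys(fh.read()):
            findings.append("adk-missing")
    if can_write(os.stat(conf_path), uid):
        findings.append("conf-writable")
    # A writable directory lets its owner unlink or rename a read-only file.
    parent = os.path.dirname(os.path.abspath(conf_path))
    if can_write(os.stat(parent), uid):
        findings.append("dir-writable")
    return findings


def demo():
    """Constructed layout: read-only gpg.conf, directory first 0700, then 0500."""
    uid = os.getuid()
    with tempfile.TemporaryDirectory() as home:
        conf = os.path.join(home, "gpg.conf")
        with open(conf, "w", encoding="utf-8") as fh:
            fh.write("# constructed sample\nencrypt-to " + ADK_KEY + "\n")
        os.chmod(conf, 0o444)
        in_home = audit(conf, ADK_KEY, uid)   # usual ~/.gnupg style directory
        os.chmod(home, 0o500)
        locked = audit(conf, ADK_KEY, uid)    # directory locked as well
        os.chmod(home, 0o700)                 # restore so cleanup can delete it
    return in_home, locked


if __name__ == "__main__":
    print(demo())
```
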
Re: Corporate use of gnupg

Andrew Berg wrote:
> Well, /I/ could've told you that. Don't tell me you never figured that
> out on your own.

Unless your day job involves being intimately involved in IP transactions (not just writing code), you could have _speculated_ on that. There's a big difference between what you believe to be true, what you think to be true, what you know to be true, and what you can prove to be true.

When dealing with actual dollars and cents, it pays off in the long run to pay the money required to get opinions from people who can prove the correctness of their assertions. This is true whether you're talking about information security, law, medicine, or just about anything else.

Re: Corporate use of gnupg

Robert J. Hansen wrote:
> Andrew Berg wrote:
>
>> Well, /I/ could've told you that. Don't tell me you never figured that
>> out on your own.
>>
> Unless your day job involves being intimately involved in IP
> transactions (not just writing code), you could have _speculated_ on
> that.

Although I would not bet my life on that, I don't agree that "speculated" is the right word. I have a bit more confidence in it than that.

> There's a big difference between what you believe to be true,
> what you think to be true, what you know to be true, and what you can
> prove to be true.
>

Agreed.

> When dealing with actual dollars and cents, it pays off in the long run
> to pay the money required to get opinions from people who can prove the
> correctness of their assertions. This is true whether you're talking
> about information security, law, medicine, or just about anything else.

I would agree that when there are real, serious negative consequences involved, one cannot always afford to rely on assumptions, assertions, etc.