Talk:Pretty Good Privacy
This article is part of WikiProject Cryptography.
Featured article candidacy
NB: This article was a featured article candidate in May 04. Comments on it may be found in the archives. It was not added to the featured article list despite near unanimous support. Resubmission in a month or so might be appropriate.
open-source =/= disclosed source
I changed open-source to "disclosed source" because, whilst the source code is publicly available, it doesn't meet the Open Source Definition (because you can't distribute modified code, basically).
Also I removed the sentence "At least Phil Zimmerman can no longer make the decision" (I'm paraphrasing), because "At least" has an unfortunate double meaning in this context (it could be read to imply that it's a good thing that PRZ no longer has any direct influence over PGP - which I assume was not what the writer meant to say), and the sentence doesn't provide any information that can't be easily deduced by reading the rest of the article.
Psychosonik (band)?
Matt, I have no idea who the band Psychosonik (spelling?) is nor whether the song is any good. Your Google count indicates not much interest among the networked. BUT, it takes very little resource to keep the observation and it doesn't seem to me that, in the absence of vandalistic/destructive intent, the test should be quite 'Delete unless good reason for presence can be shown'. I'd be in favor of retaining on a 'No harm, no foul' basis. ww
POV objection unclear
Matt, I'm not sure what the nature of your POV objection is to PGP has been cryptographically excellent and influential. Can you explain? ww 14:25, 16 Apr 2004 (UTC)
- The "cryptographically excellent" bit; if you could say something like "many cryptography experts, for example Bruce Schneier, consider PGP to be a secure cryptosystem" (for example, I don't know Schneier's opinion), it would be better. — Matt 14:30, 16 Apr 2004 (UTC)
PGP developer notes edits
I did a number of edits here. They range from merely making sure that PRZ's name is spelled correctly to corrections to some of the history. I've been involved with PGP since 1997, and am the OpenPGP author/editor. Jon 3 May 2004
sentence incomprehensible
Current text in second paragraph is:
The name, on the other hand, is a bit of a joke. Garrison Keillor's hometown, Lake Wobegon, had a grocery store. Like most things Wobegonian, it was a bit odd. Among its oddities was the name, "Ralph's Pretty Good Grocery". Ralph's slogan was, "If you can't find it at Ralph's, you can probably get along without it." Zimmermann's playful side came out to play, and Pretty Good Privacy was the result, the reasoning being that if PGP isn't good enough security, you can probably get along without it.
Does that final sentence of that paragraph make sense? It doesn't seem to fit the sense of the original. - Bevo 17:31, 4 May 2004 (UTC)
Discussion of Jdcc edits
(Copied from User talk:Jdcc)
...I've removed a couple of phrases along the lines of "PGP's design has been (and remains) cryptographically excellent"; it would be better if we could replace such assertions with things like "PGP has been recommended for use by independent group of cryptographic experts X" or "Report Y by cryptographer Z finds no problems with the design of PGP".... — Matt 08:53, 4 May 2004 (UTC)
- Matt -- I don't mind your removing that phrase. I didn't write it, someone else did. All I did was fail to delete it. :-) I was mildly uncomfortable with it, but I thought it was both flattering to PGP and I agreed with it, so I left it there. If you want it gone, sure. I'm happy to put in some other things like that PGP is one of the two NIST-approved standards for message encryption (S/MIME is the other one).
- That would be exactly the right thing. We ought to convey that PGP is "pretty good" (and should be able to) using evidence like this.
- I tried very hard to correct things that I knew were mistakes, and fill in things that are part of the historical gray area of PGP. Simson's book ends at the beginning of '95. The Z-affaire ended in January '96. I did some work with them (being a fan) at that time and being a crypto guy at Apple. I left Apple for PGP Inc. in Jan '97, and consequently there are lots of things that were never adequately explained. Now the story can be told.
- It'd be great to have some of the less well documented bits about PGP explained. One thing you might want to watch out for, though, is that things on Wikipedia have to be (by "policy") verifiable (see Wikipedia:Verifiability) and not an original work, such as a primary historical account (see Wikipedia:No original research). What this means is that the first place a story is told shouldn't be Wikipedia (though it could very happily be the second!); if questioned, we should (in theory) be able to point at documentation or evidence for every fact we provide. — Matt 11:56, 7 May 2004 (UTC)
- Some stuff I changed because it was partially true -- for example, the explanation of digital signatures describes RSA but not DSA signatures. Thanks for leaving my edits predominantly.
- -- Jon
Copied from User talk:Jdcc
WW -- I would like it if you did nominate it for 'featured.' I'm going back through and making some other edits.
For example: Elgamal is properly thus. I asked Taher years ago, and also worked for him. He is Egyptian by birth, and originally it would be "El Gamal". When he came to the US, two-word surnames are a hassle, so he went to "ElGamal" but that wasn't really any better. So now his legal name is "Elgamal". Yes, I know that Schneier spells it with the intra-cap. That is not the way Taher now spells his name.
- It might be an idea to note this at Taher ElGamal.
- Heck, I'll just go hack that up, too. -- Jon
The RSA patent wasn't merely "partially controlled" by MIT, they owned it. RSADSI (typo corrected, too) were the sole licensee who then sublicensed. Professors at MIT personally stared down RSADSI in those days.
- jdcc, That was me. There is a difference between ownership and control. MIT assigned the RSA patent to PKP Partners as part of a scheme to collect several of the public key patents under single control to make commercial exploitation easier. Same reason Bidzos went off to meet with Schnorr and license his patent.
- As I recall, MIT, Stanford, and another company owned PKP. The other company eventually sued the rest in a big kerfuffle, but that doesn't bear on this as I understand it. PKP in turn licensed to RSADSI which is their only claim to being the 'only source of RSA' and all that. So the term 'partially controlled' was carefully chosen to convey (briefly) the situation. I was trying to avoid any of the legal beagle and corporate scheming behind it all. Does that make clear the reasoning?
- I've gone ahead and nominated. Let's see what happens. ww 14:12, 7 May 2004 (UTC)
- Also got sidetracked into a large number of largely phrasing changes. Few should be problematic, but you might read it to see that I haven't misconstrued something. It's a lot cleaner now, though there are too many short paragraphs and so it reads somewhat choppily. Have to stop now, spent too much time on it! ww 18:33, 7 May 2004 (UTC)
- PKP was a partnership of RSADSI and Cylink. RSADSI was the sole licensee of the RSA patent (chiefly) and Cylink of the Merkle-Hellman and Diffie-Hellman patents (chiefly). These in turn were owned by MIT and Stanford respectively. At the time of PGP 2.5-2.6, disagreements between RSA and Cylink were already brewing. My source on that tale is Jeff Schiller of MIT, who regaled me with a lot of history at one IETF. He told me that the ultimate owner, MIT, weighed in on approval of PGP. A number of people, notably Hal Levin, simply started distributing PGP as essentially MIT's, daring anyone to object. I suppose that had Cylink wanted to intervene, they could have (M-H covered the concept of public key cryptography), but chose not to. The PKP divorce is another long story.
- Jon, Ah, Cylink was the other company, the one that sued. It had fallen out of my head. And it looks like my memory had PKP --> RSADSI when it was actually RSADSI --> PKP to corral all those patents for exploitation purposes. When the lawyers get involved it seems like everything turns into a long story.
- Anyway, the distinction I was making between ownership and control remains relevant, I think. MIT's involvement was not so simple as "we own and so we'll do what we like with it in re letting PGP use RSA", and that's what I was aiming to convey. Still, on this I think you should choose the terminology, having heard other concerns. Unless PRZ thinks another phrase is better still? ww 15:48, 8 May 2004 (UTC)
- I've skimmed this and am presently at the point where I can no longer critically read it. It all appears to be perfect enough. I've turned PRZ on this to supply his comments. I made a few minor edits at his request last night and will do more that he calls out. Jon
The security problems with PGP 2 have not been patched. They are still there, and I believe that unless you are already a PGP 2 user, you shouldn't. They are:
- PGP 2 uses MD5, which is known to have flaws.
- The fingerprint of the PGP 2 keys is the MD5 hash of the public key data, but not its length. This means that it can be spoofed.
- The key id of a key is the low 64 bits of the public modulus, which can be spoofed. In the new keys, it's a truncated hash.
- The Katz attack works best against PGP 2, and is thwarted with MDC in OpenPGP.
None of these can be patched. None of them are "oh, my god, bar the door!" flaws, but they're flaws.
- J, Check the changes I've made. Does it now have the sense needed? ww 18:33, 7 May 2004 (UTC)
There are some flaws that could be patched against, like the Klima attack to get the private key. But realistically, that fix isn't in the average copy of 2.6.whatever. Also, realistically, no one is going to do a Klima attack against you who can't do something more interesting. The Klima attack requires write access to the disk. Nonetheless, no new user should be using PGP 2, any more than they should be using Windows 3.1, Mac OS 7.5, or Linux 0.99 (which all date from the same era).
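The two spoofing points in the list above (a V3 key ID is just the low 64 bits of the modulus; a V3 fingerprint is MD5 over the MPI bodies with no length fields) are easy to see in code. The following is an added example written by the editor for this page, not code from PGP, GnuPG or any poster here. It assumes the V3 and V4 fingerprint and key-ID definitions as given in RFC 4880 section 12.2, builds synthetic keys from small constructed primes, and shows that a second modulus with a chosen V3 key ID costs almost nothing to make, that shuffling octets between n and e leaves the V3 fingerprint unchanged, and that the V4 construction catches both.

```python
import hashlib

TWO64 = 1 << 64
RSA_E = 65537


def mpi_body(x: int) -> bytes:
    """Big-endian octets of x with no leading zero octet (an OpenPGP MPI body)."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


def mpi(x: int) -> bytes:
    """Full OpenPGP MPI: 2-octet bit count followed by the body."""
    return x.bit_length().to_bytes(2, "big") + mpi_body(x)


def v3_key_id(n: int) -> int:
    """PGP 2 (V3 key) key ID: the low 64 bits of the RSA modulus, nothing more."""
    return n % TWO64


def v3_fingerprint(n: int, e: int) -> bytes:
    """PGP 2 (V3 key) fingerprint: MD5 over the MPI bodies of n then e, length fields omitted."""
    return hashlib.md5(mpi_body(n) + mpi_body(e)).digest()


def v4_fingerprint(n: int, e: int, created: int = 0) -> bytes:
    """OpenPGP V4 fingerprint (RFC 4880 section 12.2): SHA-1 over 0x99, the 2-octet packet
    length and the public-key packet body (version 4, creation time, algorithm 1 = RSA,
    then MPIs that carry their own bit-length prefixes)."""
    body = b"\x04" + created.to_bytes(4, "big") + b"\x01" + mpi(n) + mpi(e)
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).digest()


def v4_key_id(n: int, e: int, created: int = 0) -> int:
    """V4 key ID: the low 64 bits of the SHA-1 fingerprint, so it covers all key material."""
    return int.from_bytes(v4_fingerprint(n, e, created)[-8:], "big")


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with a fixed set of small bases; enough for a demonstration."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def modulus_with_v3_key_id(target_id: int, p: int, q_bits: int = 128) -> int:
    """Build n = p * q (q a probable prime) whose low 64 bits equal target_id.
    n mod 2^64 == target_id pins down q mod 2^64, so only q's high bits are searched
    for a prime; reproducing someone's V3 key ID therefore costs an attacker almost nothing."""
    assert target_id % 2 == 1 and p % 2 == 1
    q_low = target_id * pow(p, -1, TWO64) % TWO64  # q's low 64 bits are forced
    k = 1 << (q_bits - 65)
    while not is_probable_prime(q_low + k * TWO64):
        k += 1
    return p * (q_low + k * TWO64)


def shift_v3_key_material(n: int, e: int) -> tuple:
    """Move the lowest octet of n onto the front of e. Because the V3 fingerprint hashes the
    two MPI bodies back to back with no lengths, (n', e') hashes identically to (n, e)."""
    low = n & 0xFF
    if low == 0:
        raise ValueError("a zero low octet would vanish as a leading zero of e'")
    return n >> 8, (low << (8 * len(mpi_body(e)))) | e


def demo() -> dict:
    """Constructed victim key with a fixed key ID (so the run is reproducible), a forged
    modulus carrying the same V3 key ID, and a pair carrying the same V3 fingerprint."""
    victim_id = 0xDEADBEEFCAFEF00D
    victim_n = modulus_with_v3_key_id(victim_id, (1 << 127) - 1)  # 2^127 - 1 is prime
    forged_n = modulus_with_v3_key_id(v3_key_id(victim_n), (1 << 107) - 1)  # 2^107 - 1 is prime
    shifted = shift_v3_key_material(victim_n, RSA_E)
    return {"victim_n": victim_n, "forged_n": forged_n, "shifted": shifted}


if __name__ == "__main__":
    r = demo()
    print("same V3 key ID     :", v3_key_id(r["victim_n"]) == v3_key_id(r["forged_n"]))
    print("same V4 key ID     :", v4_key_id(r["victim_n"], RSA_E) == v4_key_id(r["forged_n"], RSA_E))
    print("same V3 fingerprint:", v3_fingerprint(*r["shifted"]) == v3_fingerprint(r["victim_n"], RSA_E))
    print("same V4 fingerprint:", v4_fingerprint(*r["shifted"]) == v4_fingerprint(r["victim_n"], RSA_E))
```

The forged modulus is a genuine product of two primes the attacker knows, so it is a fully working RSA key that merely shares the victim's 64-bit key ID; the shifted pair only shows that the MD5 fingerprint cannot tell the two sets of key material apart. Both tricks fail against V4 keys because the SHA-1 input includes the packet length and each MPI's bit count, and the key ID is taken from that hash rather than from the modulus.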
suggestions re featured candidate status
On the featured article candidate page, jwr made some helpful suggestions. Many of them have been implemented as of this note. None are meant to change any content, but to reblock, add headings, subheadings, and some framing comments here and there. ww 15:39, 11 May 2004 (UTC)
Hey, it might be an idea to include an ISBN for the book mentioned in the references/links section. Also, I found slightly frustrating the "(see Zimmermann's published testimony in various hearings)" type things. I would have liked to be able to more easily follow a link or reference to these things. Seems a teeny bit long at times too. How about a timeline diagram? I can knock one of these up for you if anyone thinks it's an idea with merit. Pmcm 23:46, 16 Aug 2004 (UTC)
- If we can find some web links it would be great. I think a short-ish chronology would be quite useful; I suspect it'd be better, in this case, in the form of a table rather than a timeline diagram. — Matt 03:19, 17 Aug 2004 (UTC)
Most widely used?
- It is, in its various versions, the most widely used cryptosystem in the world.
Do we have evidence for this? (I'm slightly skeptical...what about various mobile phone encryption standards? US military communication hardware (which must see use in a fair few places)? Financial cryptography?) ... OK, the latest version is:
- Throughout the world, it is, in its various versions, the cryptosystem most frequently chosen by users.
It might be, but I'd like to see some evidence (and the wording does sound a little like a washing powder advert!) — Matt 07:19, 4 Sep 2004 (UTC)
- But PGP does keep one's laundry private. Should it not sound like a detergent (AE usage, but in this case I prefer BE) ad (again AE, while I prefer BE)? ww 20:13, 9 Sep 2004 (UTC)
small typo
'entire' was changed to 'entirely'. It wasn't a typo, just an unusual use of language. ww 14:25, 13 Jul 2004 (UTC)
- If it's unusual enough to look like a typo to most people (and it does to me, too), it's probably better as "entirely". (As an aside, is it really correct to use this adverbially?) — Matt 22:56, 13 Jul 2004 (UTC)
- Matt, Yes, in the sense that I've seen it used that way, though perhaps not in technical writing. I think it was a poem; certainly something literary. I agree that it's misreadable, having been now misread twice. Is it so clearly misreadable as to not be usable? ww 18:45, 14 Jul 2004 (UTC)
this section somewhat technical
Matt, This note was inserted in response to a plea from a reviewer (by jwr?) that technical material was not sufficiently separated for those not interested in it. It thus was, in some sense, an invited note. I think it ought to be restored. ww 16:22, 10 Sep 2004 (UTC)
- I agree that separating out technical material is a good idea, but what purpose does it serve to place a note indicating that we have done so? — Matt 17:05, 10 Sep 2004 (UTC)
- Matt, Reader warning. Some are nonplussed when encountering technical material, perhaps especially mathematical or somewhat mathematical stuff. I wouldn't myself have thought of it perhaps, despite some experience with the problem, but had it called to my attention in this instance. There was even a note (to my talk I think) appreciating it not long after it was added.
- How to handle such material for the non technical is a perennial problem and painful experience forces me to the conclusion that no 'solution' will be acceptable to all. I was guided here by a representative of the oppressed. ww 17:41, 10 Sep 2004 (UTC)
Improper wording?
Shouldn't the choice of words be refined a little? The article has some words that don't seem well-chosen for an encyclopedia. For example:
- "[..] the FBI >got< a court order [..]"
- In "Limitations": "PGP cannot keep out the FBI if they have a court order and sneak into your computer via burglary or the Internet, can't deter the FSB from torturing your passphrase out of you [..]"
Just an opinion. Please tell me if I am wrong.--Logariasmo 00:12, 27 Sep 2004 (UTC)
- If you feel a change is needed, feel free to make it yourself! Wikipedia is a wiki, so anyone — including you — can edit any article by clicking the edit this page tab at the top of the page. You don't even need to log in, although there are several reasons why you might want to. Wikipedia convention is to be bold and not be afraid of making mistakes. If you're not sure how editing works, have a look at How to edit a page, or try out the Sandbox to test your editing skills. New contributors are always welcome. — Matt 08:11, 27 Sep 2004 (UTC)
- Yes, but in this case, I wanted to know if it was just me who thought this has to be corrected. In any case, I will make some changes.--Logariasmo 15:09, 27 Sep 2004 (UTC)
- Your changes look good to me, thanks! — Matt 15:38, 27 Sep 2004 (UTC)
Ståle Schumacher Ytteborg
Hi,
I am curious what the edit option under Wiki is for. I have tried to correct that Stale is a lady, but the system (or the editor) changed it back to a man. I was an original contributor to the PGPi project back in 1999. And I am 100 % absolutely certain that Stale is a lady, got married and has kid(s). She has been a great coordinator for the international versions of PGP. On the previous pgpi.org website one can find information on her (having to look further).
Thank you.
T. Netratanawong 23 November 2004
- Your information contradicts at least Ståle Schumacher Ytteborg which reads "He is married to Ulrikke Isabelle Ytteborg; they have two children.". Certainly, this guy (http://www.schumacher.no/family/?command=biography&pno=1) has the same name and the same birth year, and the same name change. I cannot find any evidence at pgpi.org — do you have a source? — Matt 00:51, 23 Nov 2004 (UTC)
- this archived copy of a homepage (http://web.archive.org/web/20031218100103/stale.schumacher.ytteb.org/) gives further evidence that everyone's discussing the same individual here. — Matt 00:56, 23 Nov 2004 (UTC)
- Ståle is very, very definitely a man's name in Norway. Egil 02:35, 10 Jan 2005 (UTC)
Split Article
It may be wise to split this article into 2 or preferably 3 articles. PGP should really describe the software that goes under that name. While some details of operation should be on that page not all of it should be. OpenPGP should be a separate article that discusses the IETF standard. Technical details that apply equally to all implementations of OpenPGP should be discussed there. Finally, because the history of both PGP (the app) and OpenPGP (the format) are pretty much the same and the history is quite long, it should probably be at History of PGP with History of OpenPGP as a redirect.
And of course all pages, should be clear on how PGP (the format) was once proprietary but then opened by OpenPGP. 66.144.41.232 17:42, 19 Apr 2005 (UTC)
- How much is there to say about PGP-the-software that's not also historical? IMO most of the current article would end up in either (Open)PGP-the-format or History of PGP. -- JTN 21:11, 2005 Apr 19 (UTC)
- Okay. very true. Then how about just the OpenPGP split. Some of the information is duplicated on GPG which is a waste. Details on how one works that applies to both, (and most likely all other implementations) should really be in one place, if just to ensure that they stay reasonably synchronized. 205.240.38.27 00:37, 20 Apr 2005 (UTC)
- OpenPGP was a separate article until it was merged in last month. I don't have a strong opinion on it, but I'd lean towards splitting the OpenPGP stuff back out again. — Matt Crypto 01:26, 20 Apr 2005 (UTC)
- I merged in OpenPGP in order to reduce redundancy and compare it to the pre-OpenPGP format; I didn't think I could usefully do that if the material was in separate articles. (The comparison is not just of historical interest as there are still V3 keys in circulation, and probably will be for the foreseeable future, as they have hard-won signatures; this was my main motivation for finding out about this stuff in the first place.)
- I agree that reducing redundancy in articles like GPG is good. I think there's stuff that could be trimmed from this article - for instance, there's a lot of stuff that would be better described in reference to generic cryptography articles, such as asymmetrically encrypting a symmetric session key, which is hardly unique to PGP - but I haven't got round to it myself yet.
- JTN 10:26, 2005 Apr 20 (UTC)