Zimmermann Leaves NAI

    Date20 Feb 2001
    CategoryCryptography
    2748
    Posted ByAnthony Pell
    Phil Zimmermann, creator of PGP, the ubiquitous personal cryptography program, has left Network Associates after three years. Included below is his public 'resignation letter' and followed by a link to a ZDNET UK article that describes what he's doing next.. . . Phil Zimmermann, creator of PGP, the ubiquitous personal cryptography program, has left Network Associates after three years. Included below is his public 'resignation letter' and followed by a link to a ZDNET UK article that describes what he's doing next.

    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A note to PGP users: As most PGP users know, Network Associates Inc (NAI) acquired my company, PGP Inc, in December 1997. For three years after that, I stayed on with NAI as Senior Fellow, to provide technical guidance for PGP's continued development, and to ensure PGP's cryptographic integrity. But I can't stay on forever. In the past three years, NAI has developed a different vision for PGP's future, and it's time for me to move on to other projects more fitting with my own objectives to protect personal privacy. Let me assure all PGP users that all versions of PGP produced by NAI, and PGP Security, a division of NAI, up to and including the current (January 2001) release, PGP 7.0.3, are free of back doors. In all previous releases, up through PGP 6.5.8, this has been proven by the release of complete source code for public peer review. New senior management assumed control of PGP Security in the final months of 2000, and decided to reduce how much PGP source code they would publish. If NAI ever publishes the complete PGP 7.0.3 source code, I am confident that the public will be able to see that there are still no back doors. Until that time, I can offer only my own assurances that this version of PGP was developed on my watch, and has no back doors. In fact, I believe it to be the most secure version of PGP produced to date. While it is true that NAI holds the PGP trademark and the source code for the NAI implementation of PGP, I'd like to point out that PGP is defined by an IETF open standard called OpenPGP, embodied in IETF RFC 2440, which any company may implement freely into its products. I will be working with other companies to support implementations of the OpenPGP standard, to turn it into a real industry standard supported by multiple vendors. I think the emergence of more than one strong commercial implementation of the OpenPGP standard is necessary for the long term health of the PGP movement, and will, incidentally, ultimately benefit NAI. To this end, I will be assisting the makers of HushMail, Hush Communications (http://www.hush.com), to implement the OpenPGP standard in their future products. They will be doing their own announcement of this new relationship. In addition, I will be assisting Veridis (http://www.veridis.com), a recent spin-off of Highware (http://www.highware.com), to create other OpenPGP compliant products, including software for certificate authorities for the OpenPGP community. I am also launching the OpenPGP Consortium (http://openpgp.org), to facilitate interoperability of different vendors' implementations of the OpenPGP standard, as well as to help guide future directions of the OpenPGP standard. This coming June marks the 10 year anniversary of the 1991 release of PGP to the public. PGP was originally designed for human rights applications, and to protect privacy and civil liberties in the information age. By proliferating the OpenPGP standard, we can renew that promise, and continue the commitment to personal privacy that captured the imagination and participation of millions around the world. Philip Zimmermann 19 Feb 2001 This email address is being protected from spambots. You need JavaScript enabled to view it. http://web.mit.edu/prz tel. +1 650 347-9743 -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.3 iQA/AwUBOpDtWmPLaR3669X8EQLv0gCgs6zaYetj4JwkCiDSzQJZ1ugMhqsAoMgS me78KR5VEfCVEUFpwOCCk8Tx =JVF2 -----END PGP SIGNATURE----- -- ------------------------------------------------------ Philip R Zimmermann http://web.mit.edu/prz tel +1 650 347-9743 This email address is being protected from spambots. You need JavaScript enabled to view it. fax +1 650 348-4849

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"5","type":"x","order":"1","pct":45.45,"resources":[]},{"id":"56","title":"No","votes":"6","type":"x","order":"2","pct":54.55,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.