Mailing List Archive: GnuPG: users

Re: ADKs

Index | Next | Previous | View Threaded

rjh at sixdemonbag

Feb 19, 2008, 5:34 PM

Post #1 of 4 (400 views)
Permalink

Re: ADKs

Nicholas Cole wrote:
> Although, of course, if there really are patent issues, it can't
> happen, but perhaps PGP Corp would/could be flexible on this point.

Not happening. GnuPG is already making inroads enough on the server
market. ADK is one of the few features which (a) PGP can claim over
GnuPG and (b) businesses want. If GnuPG implemented ADK-like features,
that would likely present enough of a competitive threat to encourage
PGP to wave the patent hammer.

The last time I talked to a patent lawyer about software (I had a nifty
thing I wanted to implement and needed to make sure I wasn't walking
into a patent lawsuit), I paid my $200/hr and got this bit of
professional advice: "in today's software market, patents are used a lot
more to keep other people out than to bring money in."

Assuming that my lawyer is accurate, the ADK patent would seem like an
obvious one to use in such a way: it is more useful to PGP to have it
around to keep competitors out of a certain part of the market than it
would be to have it around to license to competitors to allow them into
that certain part of the market.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

bahamut at digital-signal

Feb 26, 2008, 8:00 AM

Post #2 of 4 (351 views)
Permalink

Re: Corporate use of gnupg [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Robert J. Hansen wrote:
| The last time I talked to a patent lawyer about software (I had a
nifty thing I wanted to implement and needed to make sure I wasn't
walking into a patent lawsuit), I paid my $200/hr and got this bit of
professional advice: "in today's software market, patents are used a lot
more to keep other people out than to bring money in."
Well, /I/ could've told you that. Don't tell me you never figured that
out on your own.

David Shaw wrote:
| Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.
|
| Of course, they could turn around and take it right out again. Unless
| you have pretty tight control over the environment, ADKs or
| encrypt-tos are not foolproof (and that applies to both PGP and GPG).
Why can't they take away write privileges of gpg.conf (and the gpg
executables for that matter) from normal users? AFAIK, that would be
pretty simple (at least on a *nix system).

Or did I overlook something important?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBAwAGBQJHxDelAAoJEPiOA0Bgp4/LlfEH/Ap9Y7JiLtpFOs2U2FvqYVu5
xhZCy0Fo5SumAP7+OWA/lvZ1SU/zFCrSF2k/k+BZmnQtgh0h+lt3l78t1cR+tk+Z
PkJPkPce0QbJ+lDl5OZNNkT8J166FVcm0UVdkTBkg/vBBcnn17k/gZAptV6sZg6A
95CnCxCxQCLhshCP/WhjrahM/CbG/cVx8nEU99TysC+Bt2a/8YuXd/HUAvhcoh6I
RNbVGTmcHh8BZKp7tLbnhIpubBuLNscjssKCTos898JJ/tBSrTCZLMfNmNKP5Gtw
OqzAkWj1wJ99VWZaWMOejeGE22U+ccSePeUIrojZ5NLDhlzUTUmaZghamlgLlFk=
=zC7/
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

yalla at fsfe

Feb 26, 2008, 8:07 AM

Post #3 of 4 (354 views)
Permalink

Re: Corporate use of gnupg [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrew Berg wrote:
> Why can't they take away write privileges of gpg.conf (and the gpg
> executables for that matter) from normal users? AFAIK, that would be
> pretty simple (at least on a *nix system).

You'd need to take away write-rights from the directory where gpg.conf
resides - but that also would prevent the user of filling his or her
keyring. All those files are in ~/.gnupg after all...

You could probably put up all files in different directories and tell
gnupg to use the files from certain locations.
Or chown() the gnupg.conf to some other user. Not sure if gpg will read
the file then though.

Alex.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR8Q5XRYlVVSQ3uFxAQKBOwQAwPSSQEejvXoOcNOlKQpMXNR8sc59R/xc
Wys10rqzf1SljK+vSj95hOc06yQOh0ox0vwqoGjVPPtDbmHJDroN3Juunnrk6DwY
AaIsXHn8ea2/snAn8mMXdXQzNqDqVKFE7Um4OJXLcDDVXjD2V+GXrFFVmOKaxgCB
Qv2mJi+InEE=
=7iFo
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

rjh at sixdemonbag

Feb 26, 2008, 9:22 AM

Post #4 of 4 (359 views)
Permalink

Re: Corporate use of gnupg [In reply to]

Andrew Berg wrote:
> Well, /I/ could've told you that. Don't tell me you never figured that
> out on your own.

Unless your day job involves being intimately involved in IP
transactions (not just writing code), you could have _speculated_ on
that. There's a big difference between what you believe to be true,
what you think to be true, what you know to be true, and what you can
prove to be true.

When dealing with actual dollars and cents, it pays off in the long run
to pay the money required to get opinions from people who can prove the
correctness of their assertions. This is true whether you're talking
about information security, law, medicine, or just about anything else.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads