Werner Koch wrote: > According to the bug reports I receive for GnuPG, it seems that > even the latest versions of PGP (7.0.3?) are still not OpenPGP > compatible.
No, the latest version for Win32 is 7.1.1, and for MacOS 9 it is 7.1.0. I think it should be pointed out what a loaded statement the above is as well. That's like saying, "have you stopped beating your wife?" I would encourage some objectivity on that. > At least they still don't understand version 4 signatures on data > packets (only on keys). I had in mind that this was fixed some > time ago, but obviously this isn't the case. I'm fairly sure we support that in 7.1.0 and up. > There is a problem wrt text mode signatures: [..] That's not the only problem with text mode signatures. International characters present an even larger challenge. Most of this is not PGP/GPG's problem technically. The plethora of mail clients out there don't handle it well either. Going forward, UTF8 migration is likely to cause some growing pains for everybody. > Interoperability tests should have happened last summer but for > unknown reasons they didn't. It is very sad to see that after 3 > years we have not achieved to get OpenPGP into draft status :-(. It is a mystery to us as well what happened with that... We were ready to proceed, but we were not the organizer so it was out of our hands. Derek Atkins wrote: > Is there even development on the PGP (product) line? Well, yes, but see: http://www.pgp.com/other/jump/customer-faq.asp The products you know as "PGP" are in a "maintenance mode" "until a transition agreement is developed with a purchasing vendor". So, we currently are in the process of working through that. We just released PGP 7.1.1 last week, so development does continue in the meantime. > AFAIK they (NAI) have not release PGP 7.x in source form. Not true. See: http://www.pgp.com/downloads/pgpsdk-agreement.asp The SDK (which still includes little bits of your code Derek, and all other crypto/network/passphrase and even all the UI code which interacts with the crypto related code) has been published up through 7.1.1. The Windows GUI was last published at 6.5.8. > Worse, there are a couple of bugs I found in 6.5.8 when > I was porting it to Tru64, but who knows if anyone is > listening over at NAI. I don't know who you sent these to. You could always have sent diffs directly to me to make sure they get handled. The official address for these things remains [EMAIL PROTECTED] I am on that list so you couldn't have sent it to that one either since I haven't seen any diffs from you ever as far as I can recall. > I think people used to get better support when I personally > answered [EMAIL PROTECTED] I stopped providing that service due to > lack of time, and I'm afraid that PGP support went out the window. > From my perspective, NAI never provided any support for PGP -- even > when I submitting patches, they would ignore them. It's always nice to find people willing and able to provide support for free. In the real world, that rarely happens even for free products (Cygnus, etc.). Outside firms have rated our PGP support 6.3 out of 7 based on customer surveys. Mind you, the people surveyed are the people who pay for the software. Our support really is quite good for enterprise customers, but admittedly can be considered weak or non-existent for freeware users. Without a support contract, I can see how some people could find PGP support frustrating. Many of our developers lurk in PGP newsgroups/mailing lists though and regularly help users out there on an informal basis. A few weeks ago, I spent over $30 on a support call to Intuit. I was incensed! I almost paid more to ask them why it doesn't work than I did to buy their product. On the other hand, I don't see how else they could do it and still make money. I don't really see any great solutions to mass consumer tech support, and frankly there isn't much of a paying market among consumers anyway. So, I applaud all those who offer free support, I do it myself quite often, but there's only so much time in a day. Side note, this may all be a moot point if a "transition agreement with a purchasing vendor" is not worked out RSN. -- Will Will Price, Director of Engineering PGP Security, Inc. a division of Network Associates, Inc. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]