ADKs (was: Corporate use of gnupg)

[Nicholas Cole]

On Tue, Feb 19, 2008 at 5:49 PM, David Shaw <dshaw at jabberwocky.com> wrote:

>  Even if the patent issue was resolved, it doesn't really solve much to
>  have GPG follow the ADK.  GPG is distributed as source - easy enough
>  for someone to simply comment out the ADK code if they didn't want it
>  to take effect.

Dear David,

Thank you for your long and clear reply.  I take the point about the
patent issues completely.

However, just for a moment assuming that the patent issue could be
solved in a way that would not upset PGP...

OpenPGP has done well in 'closed' environments (as you define them),
but has always stumbled in more potentially open settings.  This has
always seemed to me a huge shame.  There seem to be at least some
settings where ADK makes sense and would encourage the use of PGP.  Of
course, it is simply a 'request', but it is a reasonable request and
(as far as I can see) a much better way to handle these issues than
saying to people 'please always encrypt to my corporate key manually'.

The point about ADK being something that can be circumvented is not, I
think, a real issue.  It has always seemed to me that ADK is something
much more akin to all the other preferences already stored on a key -
a request to PGP-compatible programs to encrypt data in a particular
way.

Since it would encourage the use of encryption in environments where
it is not currently used, I would see it as nothing but a good thing.

Although, of course, if there really are patent issues, it can't
happen, but perhaps PGP Corp would/could be flexible on this point.

Best wishes,

N.