>
>I found the pgp packages on one of the debian-non-us sites.
>The 2 pgp packages (pgp-i & pgp-us) have exactly the same
>package information, but the sizes and names are different.
>Why ?
>From the PGP 2.6.3i readme.1st file
" (2) It uses PRZ's MPILIB instead of RSAREF
PGP 2.3a and earlier versions use a special library for all the
RSA
encryption/decryption routines, called MPILIB, and written by
Philip R.
Zimmermann (PRZ), the original author of PGP. However, starting
with
version 2.5, all official releases of PGP have been using the
RSAREF
library from RSADSI Inc, a US company that holds the patent on the
RSA
algorithm in the USA. This change was made in order to make PGP
legal
to use within the USA.
Please observe that PGP 2.6.2i does NOT use RSAREF, but rather
PRZ's
original MPILIB library, which is functionally identical to RSAREF
and
slightly faster on most platforms. Because 2.6.2i uses MPILIB
rather
than RSAREF, this PGP version is also able to verify key
signatures made
with PGP 2.2 or earlier versions. This is not true for MIT PGP,
because
the RSAREF library only understands the new PKCS signature format
introduced in PGP 2.3.
The use of the MPILIB library is the main reason why PGP 2.6.2i is
probably illegal to use within the USA. If you are in the USA, you
should compile the source code using the -DMIT option and link it
with
the RSAREF library rather than MPILIB. Note that RSAREF is NOT
included
in this distribution, so if you are a US user, it is probably
easier to
get a copy of the original MIT 2.6.2 release."
>From your email address I am guessing that you need the US version.
Hope this helps
>Regards,
>Alec
>--
>Alec Clews, <[EMAIL PROTECTED]>, TCA Consulting Ltd
>Tel:44-(0)171-415-8159 Fax:44-(0)171-556-0022, PGP keyid:48FA EB81
>New City Court, 20 St Thomas Street, London, Britain, SE1 9SD
>=======================Usual Disclaimers Apply======================
