18 March 1998

Date: Wed, 18 Mar 1998 12:48:48 -0500
To: jya@jya.com
From: Ed Stone <estone@synernet.com>
Subject: PGP/NAI merger and key recovery

I received the following email from Phil Zimmermann, regarding concerns I
have expressed about NAI's acquisition of TIS, a substantial contractor to
the National Security Agency, and a major developer of key recovery

>> begin PRZ email<<<

Date: Wed, 18 Mar 1998 01:20:34 -0800
To: estone@synernet.com
From: Philip Zimmermann <prz@pgp.com>
Subject: PGP/NAI merger and key recovery
Cc: prz@pgp.com

Ed, I saw your recent remarks in comp.security.pgp.discuss.  I'd like
to make a few points.  You may quote me on this.

Hash: SHA1

Mergers are complex operations, especially mergers of publicly traded 
companies of this size.  NAI and TIS will not fully close the merger deal 
for about 60 days.  Until then, there are many policy details we cannot 
discuss in public.

NAI has no plans to incorporate TIS's key recovery technology in any 
version of PGP, including our business versions.  I have discussed this
point with NAI management.

I have not changed my political values regarding privacy and crypto.
I would not have allowed the sale of my company to NAI if they were 
going to buy PGP in order to bury PGP, as some have feared.  They 
bought PGP because they value the reputation that PGP has earned in 
the industry.  They want to preserve that reputation by preserving 
PGP's product integrity.  I plan to keep watch over PGP's product 
integrity for the foreseeable future.

NAI plans to keep publishing our source code for peer review.  Source 
code publication in printed books is a vital part of NAI's business 
strategy, especially its overseas strategy.  There will be an important
announcement on this subject on 20 March at CeBit in Hannover Germany.

 -Philip Zimmermann

Version: PGP 5.5.5


>>>end PRZ email<<<
Ed Stone