-----BEGIN PGP SIGNED MESSAGE----- A note to the public. I have been warning repeatedly about using newer versions of PGP for over two years now. In a study I put on the net in August 1998 which is also present on the PGP-International website I expressed my valuation of the ADK-problem which came with the newer versions. May I cite one sentence from my earlier work: "I do not know which mechanism will prevent a user's public key to be linked with another faked message recovery key without the user's consent or knowledge." I expressed my fear that this can happen and hoped that there will be security-checking mechanisms to prevent this. But not knowing much about the details of signatures and packages in 1998 I finally started to put this to a test because in the meantime almost everyone got used to the new keys. Completing my study and making sure that everyone who repeats my tests will get the same results I presented my study to the public on Tuesday 22nd August 2000 and informed persons working on computer security immediately. So I did not find a bug in the PGP-source code, that was Steve Early working with Ross Anderson after having studied my experimental research at Cambridge on Wednesday. I discovered that there simply is no checking done, not even the attempt to detect unauthorized manipulations of public keys. This is not a bug, this is a scandal, because NAI put ADKs into PGP without caring about simple manipulations. Obviously there has never been a well thought-out security strategy and most of the relevant information the public got from NAI concerning ADKs was completely untrue as my experiments reveal. No quick debugging will solve this situation and the damage being done to the reputation of PGP by everyone who supports Additional Decryption Keys. I am opposed to Additional Decryption Keys, as you know, but I do not want people to turn away from PGP. I would like to see people getting rid of the ADK-problem actively by checking the keys they use and avoiding the new signature type. "Use PGP-classic in a reliably secure environment." That would be my advice if I had 49 characters left on the telegram. Ralf Senderek -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBOafgHSmc/oJTgiNJAQGIIQQAunpgXp5Wy1sI4eSyHR0GMw8Z1zSJkRJY kogu1UPbeTsO9jDV9o5WHbPR+9+Ct+KIaQJmpvkqozlW34CjTCaMinJq84M44ghx AMKS0TWStpdbtCvZJUJxyLZEIY2CmOS1aIhbJm2HwaU+/WtmGwiHgiNndD9bIoC7 EFYLTmifsMs= =9V88 -----END PGP SIGNATURE-----