Slashdot Mirror


Interview With Jon Callas of PGP Corp

LogError writes "Jon Callas, one of the co-founders of the new PGP Corporation, is an innovator and an acknowledged expert in all major aspects of contemporary business security, including cryptography, operating system security, public key infrastructure, and intellectual property rights. Read the interview at Help Net Security."

3 of 18 comments

  1. Interesting read by einhverfr · Score: 4, Insightful

    I might be the first poster here (not sure why) but--
    from the article:
    We haven't quite worked out the details of PGP's open source license, but here are the goals I have, pending language:

    If you have a legally obtained copy of PGP, then you read, compile, modify, hack, etc. the source for that type of PGP you have, for your own purposes and not for redistribution. What I mean by this is that if you have PGP freeware (which you are using for non-commercial use), then you may do all those things with PGP freeware. If you bought a copy of the retail product, then you may do those things with the retail product or the freeware product.


    Sounds to me like the Microsoft "Shared Source is Open Source, just improved" drivel. I think he mistakes open source with commercial source licenses, and I think I will stick with GPG.

    --

    LedgerSMB: Open source Accounting/ERP
    1. Re: Interesting read by Eythian · Score: 2, Insightful

      Wow...three whole posts, one on topic...anyway, from the article w.r.t. being able to modify the source, but not distribute:

      This isn't quite the same as what some other open source people believe constitutes "open source," but our philosophy on source is completely in line with the principles that the FSF and LPF were founded to defend -- the right to look under the hood.

      I was under the impression that the FSF liked that, but felt that the main freedom of Free software was the ability to modify, and then distribute free versions, which isn't what they are allowing.

      There was also talk of a Linux version -- if the source is available, all they have to do is ask the community (for the freeware version, anyway). Personally, I'll be sticking to GPG I think.

    2. Re: Interesting read by MacDork · Score: 2, Insightful

      Whoa, only 14 posts on a 5 hour old /. PGP article. That's unnerving... anyway,

      It sounds to me like distributors won't be allowed to bundle binaries of their code. Possibly not even source packages, much less unmodified source.

      Reading the article I see...

      What is your perspective on full disclosure of vulnerabilities?

      I am a proponent of full openness. I'm a proponent of published source code, so by necessity vulnerabilities will be disclosed -- just look at the differences in the source.

      Sounds to me like diff files wouldn't be out of the question... I would hope that were the case at least. I have nothing against them making money on the product. As a matter of fact, I hope they make a boatload and encryption finally gets to be mainstream. But I think no source in the name of profit would be terribly limiting to development, because no source equals no trust in my book. I couldn't fully trust an encryption product that wasn't open to peer review...