US House approves slimmer stimulus bill

Pretty Good Privacy (PGP) will go on, despite a move by Network Associates (NAI) to shelve the encryption product after it couldn't find a buyer, PGP inventor Phil Zimmermann said today.

Although Zimmermann sold PGP to Santa Clara, Calif.-based NAI in 1997, the protocols for the encryption code are open to all on the Internet.

"PGP is an institution," Zimmermann said in a telephone interview from his home in the Silicon Valley. "It is larger than any single code base from any single company. There are a lot of very concerned people from the PGP user community who want to try to find a solution to fill this niche."

NAI embarked on a plan to trim its product line in October and has been looking for a buyer for its PGP products. However, the company confirmed yesterday that it had dropped its plans to sell PGP because it couldn't find a buyer willing to pay what the company wanted, said Jennifer Kevney, vice president of corporate communications at NAI.

"Obviously, we didn't get the offer we thought represented the value [of PGP]," she said.

The products will be placed into "maintenance mode," she said, meaning that although they won't be developed any further, bug fixes will be released as necessary for one year, and service contracts will be honored until the end of their terms.

Despite this, Zimmermann said PGP will continue and will probably re-emerge in time.

"A lot of people are worried about PGP, and with enough political will, something will be done," Zimmermann said. "That does not necessarily mean buying the business from NAI."

Since the Sept. 11 terrorist attacks on the U.S., Zimmermann said, there is an even greater need for a secure encryption protocol that the public can use. Companies need to be able to protect themselves from attack, and individuals need to be able to protect their own civil liberties from the government, he added.

Zimmermann got in trouble with the government in the early 1990s because federal authorities felt that the dissemination of PGP worldwide violated U.S. antiterrorism laws. The government dropped its case in 1996.

"We're going through hard times, and we've got to hang onto this thing," Zimmermann said. "Our civil liberties are likely to be eroded by this whole experience; that increases the need to keep our hands on strong crypto and keep a hold of it."

The creation of PGP began when members of the Internet Engineering Task Force began developing the encryption code in the 1980s and early 1990s. Zimmermann said a lot of people came together to help develop the encryption protocols and to create an industry standard for all to use. NAI was an active participant in creating that standard.

That public standard would allow other companies or individuals to create new PGP products, and Zimmermann said he's hopeful that someone picks up the challenge.

"Anyone contemplating such a development project should contact me," Zimmermann said. He can be contacted through his Web site.

Information provided by Sam Costello of the IDG News Service was included in this report.

Join the newsletter!

Error: Please check your email address.

More about Internet Engineering Task ForceNAINetwork Associates InternationalPGP

Show Comments

Market Place