NetWorld! What People Are Really Doing on the Internet and What It Means to You - David H. Rothman

Some of the biggest Clipper haters, meanwhile, were overlooking their differences to unite against the tumor chip. Jim Bidzos’ company had already granted a license for the basic technology to ViaCrypt, which, at least in the latter’s opinion, left it free to sell a commercial version of PGP. And this past action may have been a door opener in a way for Phil Zimmermann. PGP was no longer so much of an outlaw program in the eyes of many, and businesses felt they could use it and get technical support. Beyond that, professors at the Massachusetts Institute of Technology, whence much of the RSA technology had come, were sick of all the patent wars. They just wanted to see solid encryption in use. And Bidzos, however much he quarreled with Zimmermann, was himself determined that the Feds not control encryption. The compromise could go a long way toward enshrining RSA as at least an informal world standard, and thwarting RSA’s biggest competitor, the NSA.

And so Bizdos and colleagues let PGP be used for noncommercial purposes as long as the newer versions were incompatible with the older ones that lacked the blessing of RSA and Public Key Partners. Of course that still didn’t solve the hassles of securing international commerce with a truly strong encryption standard with which the U.S. government felt comfortable. But even if PGP-style products weren’t official, they were murdering Clipperish schemes before snoop-ready chips and programs could take root. The world’s governments might well have to join countries like France and try to ban strong encryption.

But could they? Too many people in too many countries were already using software such as PGP. Hackers proudly included their public PGP keys—those weird combinations of letters and numbers—at the ends of their messages or told how people could obtain them. PGP keys were becoming status symbols. PGP wasn’t yet built into popular e-mail programs such as Eudora for easy use, so, if nothing else, the keys indicated a certain level of technical expertise. They were the new vanity plates of the dataways. PGP was even becoming a small industry; for example, you could shell out $20 and officially register your key with a company in Palo Alto, California, called SLED. And then people receiving messages from you would know they were really from you.

SLED required a mailed or faxed driver’s license or passport, or a preprinted personal check. This wasn’t the best proof of identity, but it would at least let Netfolks spot obvious forgeries immediately. If nothing else, you could “register” your key with friends who were well known and well trusted on the net.

With or without formal registration, more and more Netfolks felt lost without their PGP. Father Bill Morton, the Anglican priest mentioned earlier, the one who used PGP to accept confessions over the Net, wrote a parody:

It’s one for the money,

Two for the show,

Three to get ready,

Now go, cat, go!

But don’t you step on my PGP.