I imagine that most visitors to these pages followed a link in one of my email signatures. You can find out more about me personally and professionally by visiting my "home" page.
The purpose of this page is to explain to you that, even if you know who I am, you have no real way of knowing that a message "originating" from one of my many email addresses was really written by me. It is child's play to fake an email address well enough to fool people new to the Internet. It is not much harder to fool people who have been around.
Fortunately, there is free software available which addresses this issue. It is called PGP (short for Pretty Good Privacy) and it was created by Phil Zimmerman. PGP uses pairs of private and public keys to allow people to exchange encrypted files and/or digitally "signed" files. The files can be anything from email to USENET posts to the latest development software. PGP is the encryption standard on the Internet.
With a signed file, you can use the free software to verify a signature using the sender's "public key." These keys are available on many free servers across the Internet. You can even sign keys from people you trust using your own key. This allows people to build a "web of trust"...if you know Jim's key is good and Bob knows your key is good, then Bob can infer that Jim's key is good without ever meeting him. Fantastic, eh?
Unfortunately, many branches of law enforcement think this is a bad idea. Worse, some of our elected officials think this is a bad idea. The thought is that criminals might like to encrypt their messages and that would make it harder for law enforcement to build a case against them. In the foreign policy realm, groups like the NSA feel that this technology would be dangerous in the hands of hostile foreign powers.
Of course, what these people overlook is that the software is not only out there, but most of the algorithms have been available for decades. The bad guys, particularly hostile foreign powers, know how to do this. So, the current administration thought it best to limit *domestic* use of encryption to plug these "leaks."
The courts, however, have pointed out that some of these efforts which resulted in new laws or executive orders, including the Communications Decency Act, are brazenly unconstitutional. Recently (May 6, 1999), there was a resounding court victory for the people of the United States in the Bernstein case. The 9th District Court of Appeals affirmed a lower court ruling that the restrictions on the export of encryption source code are unconstitutional:
Because the prepublication licensing regime challenged by Bernstein applies directly to scientific expression, vests boundless discretion in government officials, and lacks adequate procedural safeguards, we hold that it constitutes an impermissible prior restraint on speech.
![[Blue Ribbon Campaign icon]](http://br.eff.org/br.gif)
