The transition is now complete: with the release of its Business Security Suite 5.5 this fall, PGP Inc. has morphed its standalone, hard-to-use freeware program into a slick corporate security solution. The suite integrates PGP's industrial-strength mail-encryption program with a certificate server (which can manage hundreds or thousands of public keys) and a policy management agent (which allows sysadmins to enforce companywide email security policy).
Has PGP caved in to the powers that be? On the surface, this new product seems to kowtow to FBI demands that software include built-in key recovery. However, PGP's recovery features are voluntary, not mandatory. "There was never any intent to satisfy the needs of government," insists founder Phil Zimmermann. "This was driven entirely by our corporate customers' need to control the keys to their intellectual property. They won't buy crypto without key recovery." Which raises another question: Who's more likely to sneak in netizens' backdoors - Big Brother or The Boss?
This article originally appeared in the December issue of Wired magazine.
To subscribe to Wired magazine, send email to subscriptions@wired.com, or call +1 (800) SO WIRED.
