Heading Graphic

Read the whole context! Want to find the entire post or thread?

Home
Quotes!
PGP
Style
Privacy
Posts?
Mailing List
Advocacy
Lookups
Attacks
CryptoQuotes
Free Speech

Crypto Quotes

"In future I think Phil will be seen as a pimple on crypto history (he invented and pioneered no algorithms), not the "hero of the first amendment" the poster would have us believe."
Source: Message ID <34A574D1.568EA102@sternlight.com>

"As to "hero" of civil liberties disobedience, in my view Phil's behavior can fairly be said to be self-serving cowardice rather than heroic Ghandi-like self-immolation if public accounts can be credited."
Source: Message ID <34A574D1.568EA102@sternlight.com>

"Make no mistake--if a few "civil liberties loudmouths" (Clipper _is_ voluntary) hadn't sabotaged its widespread acceptance we might have found it in every "serious" phone, for transparently optional use."
Source: 4/9/96, <david-0904961630290001@nntp.netcom.com>

"You are flat wrong. TDES is FIPS-approved in the Netscape implementation."
Source: <36896CBD.B954195F@sternlight.com>

"Since I've said before (as does your own reference) that TDES is FIPS approved in Netscape, I can only conclude you're deliberately lying that 56 bit DES is the only FIPS-approved encryption algorithm in 140-1."
Source: <368975C4.7DACEC27@sternlight.com>

"You are getting pretty ridiculous by trying to ignore Netscape's TDES FIPS certification and focussing on 56 bit DES. And you were flat wrong when you said (in two messages now) that the only crypto algorithm that was FIPS certified in Netscape was 56 bit DES."
Source: <36896CBD.B954195F@sternlight.com>

"When it comes to fully "unbreakable" crypto at the current classified state-of-the-art (whatever that is), I have some problems even with domestic use unescrowed."
Source: <david-2308951320280001@192.0.2.1>

"There's no reason most people can't feel secure with a net that uses escrowed crypto that the NSA can read." Source: <david-1704961704190001@nntp.netcom.com>

"As far as I'm concerned, if a foreigner doesn't like key escrow, let him try to get an unescrowed system in his own country."
Source: < david-0704962137540001@nntp.netcom.com >

"Most people have no fear of the NSA and believe that if one has nothing to hide from the government, there's no problem with key escrow under due process protections."
Source:  < 3653BCDE.F547E01A@sternlight.com >Nov. 19, 1998

"Your guess is irrational, since PGP itself uses S/MIME." Source:  <338252B7.4946@sternlight.com>

"Both have been in development for several years, the subject of extensive standardization work, and even the PGP folks have been working on an S/MIME compatible standard for PGP."
Source: Message ID <david-0907961800390001@192.100.81.148>

"It is perfectly correct that they can forge your signature if they can get your overall key (not your session key), but that is not a threat most people are concerned about since if it is known they can do this (as it would be under those circumstances) it will simply destroy trust in signatures rather than compromising them."
Source < 365665F3.7D672FBB@sternlight.com >

"It can (and in the US automatically does) use stronger crypto than PGP."
Source: <david-0611970814200001@lax-ca66-40.ix.netcom.com>

"Having longer keys is probably a good idea if it comes cheaply enough, but your chances of being hit by lightning are probably rather better than that of the NSA (or anyone else) committing the resources it takes to try to crack your 512 bit RSA key."
Source: <357D8D18.711F9660@sternlight.com>, 6/9/98

"I support escrow of exported cryptosystem strong keys, also on economic grounds (and I see no conflict there with the Constitution, despite attempts by others to make such a case through rhetoric)."
Source: <david-1404960818380001@nntp.netcom.com>

"Actually I'm a very sophisticated PGP plant. By calling attention to all of PGP Inc's serious flaws, but associating them with an anti-anarchist position, I cause those flaws to be ignored or rationalized by the "faithful" so that PGP can continue in business instead of getting the horse-laugh and rejection it would otherwise receive. We thank you for your continued patronage even as we regularly and consistently give you the finger. Thanks for rationalizing away our disclaimers of responsibility if we cause you to become an infringer. Thanks for rationalizing our depriving you of RSA and making all your old keys obsolete."
Source: Message ID   <david-2111971006040001@lax-ca66-19.ix.netcom.com>

This FAQ is NOT authorized, endorsed, reviewed, authored nor supported in any way by Mr. Sternlight. It is an independent compilation of quotations gleaned from Mr. Sternlight's newsgroup posts, opinion and public dialogue related to this prolific newsgroup poster and famous "net personality" and public policy advocate. Interested readers are invited and encouraged  to read the entire context of Mr. Sternlight's quotes, using search engines such as DejaNews. (Note there is a newsgroup named "alt.fan.david-sternlight".) Mr. Sternlight posts most frequently to comp.security.pgp.discuss and alt.privacy and has several  thousand posts on USENET public newsgroups, as reported by DejaNews search, on various subjects including  patents, licensing, cryptography, and public policy on those matters. His prolific and frequent public policy advocacy in crypto newsgroups focuses primarily on the US government policy, currently in robust public debate, regarding strong encryption and privacy issues, but also on patent, copyright, trademark and licensing issues. All product and service names are the property of their owners.