The PGPi scanning project

PGP 5.0i has an unusual story. Unlike earlier versions of PGP, which were at some point in time exported illegally from the USA, PGP 5.0i has a perfectly clean record.

The heart of the issue is the US Export Regulations, which classifies cryptographic software as munitions(!). Thus you need a license in order to export PGP from the USA. However, the Export Regulations only covers software in electronic form (e.g. on disks, or via the Internet). PGP 5.0i, on the other hand, was compiled from source code that was printed in a book (well, actually 12 books - over 6000 pages!). The books were exported from the USA in accordance with the US Export Regulations, and the pages were then scanned and OCRed to make the source available in electronic form.

This was not an easy task. More than 70 people from all over Europe worked for over 1000 hours to make the PGP 5.0i release possible. But it was worth it. PGP 5.0i was the first PGP version that is 100% legal to use outside the USA, because no source code was exported in electronic form.

Since the initial release of PGP 5.0i in 1997, several new versions of PGP have been released. Each time, the program has been scanned in and OCRed from printed books. However, because of improved technology and better proof-reading utilities which were introduced in PGP 5.5, this was accomplished in much shorter time than PGP 5.0i. Teun Nijssen explains why.

The OCR utilities used in PGP 5.5 and later can also be used to publish other kinds of export controlled software in a reliable manner. For details, see www.cryptoscan.org.

The latest international relase of PGP is version 6.5.1i. It was scanned and OCRed by cnlab in Switzerland.

In 1999, the US Government lifted the export controls on cryptographic software. Thus it should not be necessary to scan and OCR future versions of PGP.


PGPi Home > About PGPi > The project > Scanning ]