[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: US relaxed export policy - When/IF and how?

To: ietf-pkix@xxxxxxx
Subject: Re: US relaxed export policy - When/IF and how?
From: pgut001@xxxxxxxxxxxxxxxxx (Peter Gutmann)
Date: Thu, 4 Nov 1999 05:32:59 (NZDT)
Reply-to: pgut001@xxxxxxxxxxxxxxxxx
Sender: pgut001@xxxxxxxxxxxxxxxxx

"Bob Jueneman" <BJUENEMAN@novell.com> writes:

>The absurdity of deciding crypto strength based on the type of store-front
>the product was purchased through has certainly not be lost on organizations
>such as the Business Software Alliance and the Alliance for Computer Privacy.
>If you can download the product, even for free, off the Internet, that
>apparently doesn't count as "retail".  In fact, even if you do sell a product
>through a store-front retail operation, such as a small-business, five user
>license version of something like Novell's NetWare, if that version could be
>upgraded to cover more users by simply buying additional licenses, that
>wouldn't be considered retail either.

There is one explanation for this which makes some sense, since the intent of
the controls is to delay the widespread availability of strong crypto
(specifically where it'll affect Echelon) for as long as possible you can
further this goal and silence your critics by allowing the export of security
pablum to the masses but not allowing the export of real security where it
matters.   At the moment it looks like the announcement has pretty successfully
derailed any attempts to reform the export controls via legislation while
probably not allowing any crypto out for areas where it'll make a difference -
one way I've seen it put is "You can export Microsoft security but you can't
export Sun or IBM or XXX security".  OTOH given the USG's long track record of
announcing Clayton's liberalisations (one every three months on average since
1994) I can't imagine whatever will appear in December will make much
difference in practice.

[I'm still puzzled over the announced changes though.  To me the best change
 would have been to "liberalise" by allowing source code exports, which derails
 all of the current legal challenges while still not making much difference to
 the world in general.  Allowing mass-market binaries but not source code seems
 to achieve exactly the opposite of what the spooks would want]

Peter.

Follow-Ups:
- Re: US relaxed export policy - When/IF and how?
  - From: Paul Hoffman / IMC

Prev by Date: Re: Timestamping Standards.
Next by Date: Re: US relaxed export policy - When/IF and how?
Previous by thread: Re: US relaxed export policy - When/IF and how?
Next by thread: Re: US relaxed export policy - When/IF and how?
Index(es):
- Date
- Thread