Re: using PGP only for digital signatures

[Derek Atkins <warlord@MIT.EDU>]

> This is kind of a risky policy to take. The general feeling I get that 
> allowing non green-card holders access to strong cryptography is sort of 
> decriminalised, in that the police aren't likely to break down your door 
> and have your AFS server accidentaly fall down stairs. However, it is 
> still against the law, and could be used against the university in other 
> unrelated circumstances.

Actually, its not.  There is precedent, in that at one point (rumour
mode on -- I have not verified this story) MIT was asked to not allow
certain students into the MIT nuclear reactor.  These international
students had been accepted into the Nuclear Engineering program, which
sort of requires them to have access.  MIT's response was to tell the
gov't that if they didn't want to let these students have access to
the nuclear reactor, then they should not be allowed in the country,
since MIT will not discriminate against students based on silly
criteria such as where they live.  The state department said they
couldn't do that, since they had nothing to keep the students out of
the country.  MIT responded that they couldnt do it either, and the
gov't backed down.

I'm not convinced that it is as risky as you say.  Besides, MIT does
have a lot of political power, so they are more likely to get away
with it than other places might.  However I think it is a reasonable
position for an educational institution to take.

-derek