[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2nd CJ update



	 Looks like the stalling tactics have begun. I just got a phone call
	 from "Susan Shea" from the National Security Agency. She said that to
	 "make a better determination" she would need a copy of the diskette.

	 I explained (as I had in my written request) that the diskette in
	 question contained exactly the same source code as was printed in Part
	 5 of the book Applied Cryptography, byte for byte. But she claimed
	 that as she did not have a copy of that, she would still need the
	 diskette.
	  
	 Right. The NSA doesn't have a copy of Applied Cryptography, and has
	 never seen one. Yet, apparently, they signed off on my original CJ
	 request to export the printed book (the State letter mentions comments
	 from the Department of Defense, which is always a code phrase for the
	 NSA in such situations).

It's not that ``NSA'' doesn't have the book; it's that that office may
not.  Or at least, making that claim isn't totally beyond the realm of
possibility.  As for the original request -- they *don't* want to rule
that a book needs a license, of any sort; it opens them up to judges
who understand books but not floppies.  (Let me commend to this audience
Kenneth Pierce's paper ``Public Cryptography, Arms Export Controls, and the
First Amendment:  A Need for Legislation'', Cornell International Law Journal
vol. 17, 1984, pp. 197--236 -- it's a very good summary of the legal
issues.  Though the details of the ITAR have changed, the underlying
legal theories have not.)

	 Sigh. I will send it off to them. This should buy them about two days,
	 unless I get really extravagant and switch from Priority Mail to
	 Express Mail...

	 Phil

	 PS. Does anybody consider it odd that someone from the NSA would
	 actually identify themselves as such?

My impression is that they've realized that that game is a bit stupid
at this point, and that they're giving up on unnecessary secrecy.