[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Blacknet & Lotus Notes



Herb Sutter wrote:
| At 19:13 01.18.1996 -0500, Adam Shostack wrote:
| >	So, lets buy the espionage enabling secret key.  Its an
| >obvious target, not just for cypherpunks, but for the KGB, Mossad,
| >Toshiba, IBM, and anyone else who wants to read their competitors
| >correspondance.  Lets face it, this key will get out there, and be
| >available to all the big players; lets make it available to everyone!
| 
| I think people are missing the point... even if we assume the absolute worst
| case, that the private key is broken and becomes publicly available,
| international Notes users are no worse off than before.

	I don't give a damn about 'international Notes' users; they're
(IMHO) screwed coming and going.  What I do care about is the ability
of American firms to compete with secure products in the international
market.

	That, fundamentally, is what the ITARs are about.  The US
Government removing the ability of American firms to compete becuase
of some idiotic notion that no one else can implement DES, 3des or
IDEA.  Can IBM/Lotus compete with Intranets now being created, based
on HTTP with 128 bit rc4, or IDEA encryption?  Theres a large body of
evidence that people are dumping Notes for the Web; the lack of
security in notes could well be a part of that.  It can't help.  These
regulations cost American business up to $60billion per year.  Those
businesses are no worse off after sending hundereds of people to
Washington to tell the Department of Commerce and NIST that they need
the ITARs changed.  They're not much better off either.

Adam
-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume