Re: Crippled Notes export encryption

[aba@atlas.ex.ac.uk]

Lucky Green <shamrock@netcom.com> writes:
> At 4:17 1/24/96, Timothy C. May wrote:
> 
> >The usual issue: That if a foreign-originated product even appears to be a
> >standard (so far, none have been), and includes strong crypto, then the NSA
> >and other agencies will simply change the rules. Thus, if extremely strong
> >crypto from "Netscape-Zurich" starts to have a significant market presense
> >in the U.S., then some law will be passed to restrict it.
> 
> I agree. The reason for enforcing ITAR is to keep good crypto of the
> *domestic* market. If ITAR no longer accomplishes that, new laws will be
> passed.

No need for any new laws or regulations, all that needs to be done is
to add crypto to the import list (the opposite, and currently not so
widely discussed counter part to the export list).

In fact I wouldn't be suprised if the ODTC and NSA could interpret
ITAR and the current import list to allow this.  (Anyone have an
electronic copy of the import restricted list?)

Of course this wouldn't be a very popular move, so I'd guess that it
wouldn't be tried until a) foreign crypto apps become a significant
obstacle to the NSA, and b) other methods have been exhausted.

Adam
--
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length$n&~1)/2)