[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Netscape
At 05:15 PM 7/25/96 +0000, The Deviant wrote:
>hOn Wed, 24 Jul 1996, jim bell wrote:
>> That still doesn't make sense.
>> First, there were laws. And we had to obey them.
>> Then, they added ITAR. And they want us to obey it.
>> Finally, it seems, they're giving us "guidelines." Not law, Not ITAR.
>> Next it's gonna be their their fondest desires, their preferences,and
>> finally their whims.
>> What's wrong with this picture? Do I detect an ass-kissing contest?
>
>Yup.. thats it. And they said I was an idiot when I [Correctly] said
>that Netscape wasn't activly fighting the ITAR.
Agreed. Writing good crypto is certainly praiseworthy and desirable, but it
does not "fight ITAR," per se. (It fights lack of crypto, which is not the
same thing! Lack of crypto certainly needs to be fought, as well.)
Writing the software and selling it domestically is, at best,
"ITAR-neutral." Putting it on the net in the most unrestrictive way the
State Department has previously approved of is also "ITAR-neutral."
(Because such a method is, presumably, within the rights of anyone; we can
conclude this because "the State Department said so.")
A _PRO_-ITAR stance is one in which a company or person puts restrictions on
his distribution of that software above and beyond what have historically
been approved, particularly when prior distributions of software are still
going on with those previously-approved restrictions. They may be absolutely
entitled to do so, but that's still pro-ITAR. For a small and uninfluential
company, the significance of doing that is minor, but for Netscape, it's
crucial because it practically invites the government to set a new precedent
beyond what they (the government) previously thought they might get away with.
>> You should have told them that if they're "evaluating their guidelines" that
>> means that NO future modifications to those guidelines is binding on you,
>> since it is not part of ITAR and is CERTAINLY not part of the law. You
>> should have memorialized the contact with a lawyer's letter, and promptly
>> posted the new version of your software with whatever version of the
>> precautions (MIT, RSA, or?) you felt most happy with.
>>
>
>Or even better... Lets look at this version...
>
>lets say I get my internet service from MCI. Now lets say I put crypto on
>my web page. When somebody from out of the country visits my web page,
>and downloads it, who's exporting it? Them, MCI, or me? I'd say they
>are, and I doubt ITAR covers this... this is one of those things thats
>covered in "guidelines". ;) umm.... Smooch Smooch?
Yes, if we really oppose ITAR, we should kill it by insisting that the
government fully document it at every turn.
Jim Bell
[email protected]