[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Netscape
-----BEGIN PGP SIGNED MESSAGE-----
hOn Wed, 24 Jul 1996, jim bell wrote:
> Date: Wed, 24 Jul 1996 20:16:52 -0800
> From: jim bell <[email protected]>
> To: Tom Weinstein <[email protected]>,
> The Deviant <[email protected]>
> Cc: [email protected]
> Subject: Re: Netscape
>
> At 06:39 PM 7/24/96 -0700, Tom Weinstein wrote:
> >The Deviant wrote:
> >>
> >> I would have suggested even being as nice as "We'll do the same as MIT
> >> does with PGP's distrobution, or RSA does with RSAREF (just so you'll
> >> know, RSA's FTP basicly has a readme file that says "the files in
> >> subdir of a dir thats -r+x to you, so if you're a citizen go to
> >> dist/usaRANDOM_NUMBER_HERE", thats it). Then make them explain why
> >> Netscape should be any different.
> >
> >MIT reportedly has a letter stating that their systems is okay. The
> >state department wouldn't give us such a letter because they were
> >"currently reevaluating their guidelines", or some such thing. We
> >convinced them to give us temporary permission for this system until
> >they had finalized their new policy.
>
>
> That still doesn't make since.
>
> First, there were laws. And we had to obey them.
>
> Then, they added ITAR. And they want us to obey it.
>
> Finally, it seems, they're giving us "guidelines." Not law, Not ITAR.
>
> Next it's gonna be their their fondest desires, their preferences,and
> finally their whims.
>
> What's wrong with this picture? Do I detect an ass-kissing contest?
>
Yup.. thats it. And they said I was an idiot when I [Correctly] said
that Netscape wasn't activly fighting the ITAR.
>
> You should have told them that if they're "evaluating their guidelines" that
> means that NO future modifications to those guidelines is binding on you,
> since it is not part of ITAR and is CERTAINLY not part of the law. You
> should have memorialized the contact with a lawyer's letter, and promptly
> posted the new version of your software with whatever version of the
> precautions (MIT, RSA, or?) you felt most happy with.
>
Or even better... Lets look at this version...
lets say I get my internet service from MCI. Now lets say I put crypto on
my web page. When somebody from out of the country visits my web page,
and downloads it, who's exporting it? Them, MCI, or me? I'd say they
are, and I doubt ITAR covers this... this is one of those things thats
covered in "guidelines". ;) umm.... Smooch Smooch?
--Deviant
Unix is the worst operating system; except for all others.
-- Berry Kercheval
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBMferwjAJap8fyDMVAQHyMgf9EiBGYs+ZKyZ9Bq+PK8rsAbbXAzlrk0Zl
AfWnnmwiRFZjK6KwNcxqmoCtSYqu2a0V6tuDzcwwHpU/buu5GD7NBa+2BjD9FqlM
zF1nd72HKfBo8o8+ZZRyCzk+6z8vRdVp+MxTEdlyc6cHKZjih4uTGAK5GLBWaJgs
O+58WvtYWYU1r8F+OBlhNvxCkiiKRSROKO/fByX6eSf/u/J+jY5zsO/Ul+zYLvPM
ATQGLwWa4Sxvszkdqh2RcCCK7qoIeMPQ68B6pvB0nI4/suQLrTe6SHCP6kLCKT71
Cn40OmbWE7IEDaIalb7jCKMwgJB2Ut7zgWHhIMmnJVBiq8elnbRXvg==
=hR/j
-----END PGP SIGNATURE-----