[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Which way are crypto regs going?

Lucky Green said:
> Ultimately, It won't make a difference, but sure, why not. Crypto regs can
> go one way, and one way only: more restrictive.

Lucky's such an optimist!  Actually, crypto regs have gone many
different directions.  The general direction in the US is toward
more openness.  (I've been watching them longer than Lucky has been.)

Authentication used to be licensed.  It isn't any more -- though
the bastards reserve the right to lie about what is authentication.

ATM machines used to require a license.

40-bit crypto used to require a license.

Financial institutions used to require licenses.

Big companies used to need licenses for intra-company use.

DES used to require a license.  (Still does, until the incredibly
cold warriors move their bowels and produce a new, uh, release
of the regs.)

Maybe sometime next year I'll be able to say, "Publishing crypto on
the net used to require a license but now it doesn't, since the courts
started enforcing the Constitution."  Whether this happens or not is
NOT under the control of the NSA -- I think.

On the other hand, crypto regs in other countries tended to start
from "unrestricted", so indeed there was no way they could go from there
except "more restrictive".  But after the first dollop of restriction,
they could go either way, as we've seen in various countries.
Germany for example seems to be loosening.  Canada turned out to be
looser than anyone had suspected, and is still trying to be loose
despite intense arm-twisting by US wiretappers.

Some countries actually seem to care what their citizens think about
their crypto laws, unlike the shining example of democracy, the USSA.
And when we educate the citizens, they tend to make the right choices.
Let's keep trying.