On Thu, 17 Aug 1995 aba@dcs.exeter.ac.uk wrote:
-----BEGIN PGP SIGNED MESSAGE-----
All hell seems to have broken loose whilst I was lazing on the beach yesterday. SSL breakings, big name newspaper newsreports (of varying degrees of accuracy), and much ITAR bashing (yay!) or perhaps that should be nooooh! 'cos I might be doing myself out of work as a UK crypto hacker (as John Hemming said in the article Robert Hettinga forwarded) if we loose the fun advantage of being in the free world, and not having to follow the ITAR nonsense.
Anyway, congratulations Damien!
I add my congratulations to everyone else's. But, as the list rejoices that this means the "end of ITAR" or, more accurately put the "end of encryption programs as 'munitions'", I've got to play the devil's advocate. Many of you, of course, see me as the Devil's Advocate. Anyway, certain arms of the government want to prevent strong crypto from being exported so that they can easily decode encrypted messages from abroad (at least those using US developed software). Damien's impressive feat is that exportation of weak crypto indeed makes that possible. Some posters have discussed the time and difficulty in decoding strong crypto ... I think all agree that it would take significantly longer (or much more computer time) but is not impossible. So ... has this proven that the banning of strong crypto is the correct way to go, and that, at least to some, credit card transactions using weak crypto will be acceptable to most (given the ease of getting CC#s other ways)? Donning my asbestos suit, And speaking only for myself ... EBD