-----BEGIN PGP SIGNED MESSAGE----- The Jan 16 issue of EE Times has an excellent article on the legal controversy surrounding Phil Zimmermann and PGP, positioned top-right front-cover for maximal exposure. It describes the aftermath of a meeting last week between Phil's attorney, Philip Dubois, and the government lawyer handling the case. "'We told the prosecutor our concerns,' Dubois said. 'He agreed to consider them. We might hear back in a month or two. He didn't make any promises.'" (Sometimes it seems like the gov't is dragging this case out intentionally. I believe the uncertainty does have a chilling effect on private development of strong crypto, which would be gone if the government announced it was not going to pursue the case, or if they did bring charges and lost.) Another interesting quote: "Zimmermann is not in danger of being indicted for willfully exporting PGP. Rather, the U.S. attorney's office, here, is considering charging him for making PGP available in such a manner that it could be exported by a third party." What the hell is this? Can anyone point to the statute they may be referring to here? This seems awfully broad. This, from a sidebar, is really surprising: "In contrast, public keys allow the overt publication of an encryption key, because decryption keys can only be derived through a mathematically difficult process, such as large prime-number factoring. Contrary to popular belief, the NSA can decrypt public keys of most practical key sizes." I wonder what this means? If it is a claim that the NSA can factor 1024 bit moduli that would certainly come as a big surprise. If they are saying that they can do 512 bits that would be more believable although of interest. It is strange that the author would include a statement like this without attribution or evidence. Generally, the article is very favorable towards Phil and an excellent overview of the case. Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLxytnBnMLJtOy9MBAQHGnAH/TAOr6TNchZjCyMESeDdOf1seXTkfMbMY 3qrL91OmjwxDIBDkzszrgizwadKwWYn65yOY3yJ4Wk/xUcNwKFnk1Q== =PoYj -----END PGP SIGNATURE-----