Here is a question for all of you cyber legal types out there. This question presupposes:
The NIST will complete its work on the GAK standard. But no law will be passed (yet) regulating the use of encryption in the U. S. (The GAK standard is an attempt to create an environment in which such laws can be passed.) In the U.S., Big Company INC will start marketing a GAKed encryption product domesticly.
A bunch of cypherpunkish types will immediately try to organize a boycott against BIG COMPANY.
I think it's more likely that a group of people will work on breaking Big Co's GAKed product. Either finding a flaw in it's algorithm or protocol that can be exploited, or a flaw that renders it's GAK unusable, i.e. Matt Blaze's LEAF hack on Clipper.
What are the cypherpunks legal risks?
I seem to remember that back in the 70s, the NAACP lost a big case with respect to their boycott in a southern city. As I recall there were people in the street begging money for the NAACP because there was a > 10**6 $ judgement against the NAACP and they needed that much just to appeal.
Well, NAACP is an actual organization with papers filed with the IRS, officers or some sort of board members, offices, etc. Cypherpunks is just a mailing list, and many of the members of the list don't use their real identies on the list. Who would they go after? -- Eric Murray ericm@lne.com ericm@motorcycle.com http://www.lne.com/ericm PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF