There is a tendency I think to be drawn into spooks, civil servants, and polticians requests for off the record comments on how politics really works. (The politics of favours, the politics of spooks wishing to intimidate people into censoring themselves to operating according to unwritten laws (laws which don't exist, but which the spooks wish did, and so pretend do exist)). I think: if they said it, hold them to it. Ignore off the cuff requests, if they have the force of law behind them (it boils down to a threat to kill you, or imprison you if you disagree), that they should also get you to behave nicely and keep quiet your experience of the way they work in practice sucks, there's too much of it in politics in general, it belongs on a bill-board not in quiet off the record moments after crypto-conferences. Of course this might have the effect that spooks don't want to talk to you, or are more careful what they say, but who cares. Also... some clarification on the UK export situation, which I talked about in my last post in this thread: One concern about some of this stuff, is that often people are representing some company when interacting with spooks, where they would be covered by an NDA with the company. Well OK. There are still remailers to explain the situation without giving enough detail to identify yourself. Sometimes there are no NDAs. The export situation has slightly conflicting parties, the DTI (civil servants, Dept. of Trade & Industry) and GCHQ. DTI say you can export intangibly, but gave a whole list of reasons why a "responsible" company surely would not want to do anything disreputable, like have different views of export controls from the government, here from: http://www.dcs.ex.ac.uk/~aba/ukexport/dti-let.txt : 9. Hard to see what practical advantage there is to exporters in : exporting technology by intangible means because they could get : licences anyway if no concerns about the export itself. : : 10. And if concerns are sufficient for a licence to be refused, what : reputable exporter would wish to export it by any means? CESG/GCHQ seem less keen to admit the intangible export loop hole exists, preferring to pretend it doesn't exist until pressed. The DTI at least has contingency plans for this (from same letter): : 4. Government is aware of the potential for abuse of the spirit of : export controls. If it appears HMG's export control policies are being : undermined, then further action may have to be considered. As I said in the previous post: the GCHQ off-the-record low down on this is that if you export stuff intangibly (which the DTI at least will admit reluctantly that you can do), then they will deny your tangible export requests. If you are a business, this might cause you to think carefully about using the intangible export loop-hole. Or perhaps about discussing too much the way this works with journalists or otherwise embarrassing them. Which is of course what they want: an unwritten law which they have power to decide as they wish. Wouldn't it be fun if people in government/spookdom actually participated in open discussions such as this? (People like say Nigel Hickson, who got roasted at the LSE crypto conference recently on the DTI/GCHQ/government infamous TTP paper, his boss David Hendon slunk off early to avoid facing the music during open question time). (David Hendon not to be confused with David Henson, the ex-spook now in some governmental Euro gakkers group) But they aren't going to participate because they operate best in half-light, they hate harsh bright lights of open discourse. Adam -- Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`