Lucky Green said:
Ultimately, It won't make a difference, but sure, why not. Crypto regs can go one way, and one way only: more restrictive.
Lucky's such an optimist! Actually, crypto regs have gone many different directions. The general direction in the US is toward more openness. (I've been watching them longer than Lucky has been.) Authentication used to be licensed. It isn't any more -- though the bastards reserve the right to lie about what is authentication. ATM machines used to require a license. 40-bit crypto used to require a license. Financial institutions used to require licenses. Big companies used to need licenses for intra-company use. DES used to require a license. (Still does, until the incredibly cold warriors move their bowels and produce a new, uh, release of the regs.) Maybe sometime next year I'll be able to say, "Publishing crypto on the net used to require a license but now it doesn't, since the courts started enforcing the Constitution." Whether this happens or not is NOT under the control of the NSA -- I think. On the other hand, crypto regs in other countries tended to start from "unrestricted", so indeed there was no way they could go from there except "more restrictive". But after the first dollop of restriction, they could go either way, as we've seen in various countries. Germany for example seems to be loosening. Canada turned out to be looser than anyone had suspected, and is still trying to be loose despite intense arm-twisting by US wiretappers. Some countries actually seem to care what their citizens think about their crypto laws, unlike the shining example of democracy, the USSA. And when we educate the citizens, they tend to make the right choices. Let's keep trying. John