It seems to me that the following technologies are going to be of increasing import despite the outcome of the Clinton proposal.
1. Raw headerless output from packages like PGP. It seems obvious that if crypto is regulated, it must be easier to disguise the type of crypto one is using, or indeed if one is using crypto.
Removing the headers from PGP will accomplish only the most cursory security. The PGP packet structure is recognizable out of a random byte stream even without the headers. More generally, just because _you_ don't know how to recognize something doesn't mean your opponent is similarly lacking. In order to really know it can't be done, you need a proof, that is, an argument that covers all possible ways of looking for something. This principle applies to all forms of steganography.
2. Methodology for the disguising of cyphertext in more innocous data.
See my comment above for my opinion on this.
3. The proliferation and consistant use of Crypto for even everyday communications.
I think work done to get PGP, for example, in mail readers is something that should be done with a bit more zeal. I, personally, don't use it much because of my computing environment (receiving mail on a widely-known-to-be-insecure Unix box, dialed in from MSDOS). The integration problems are pressing.
1> The harder it is to find, the less potential there is for regulation. 2> The harder it is to look for, the less potential there is for regulation. 3> The harder it is to abolish, the less potential there is for regulation.
True up to a point. Remember, internet users are still a small percentage of the whole. Eric