TCM
And here I'll comment on Ken Bass's excellent comments [...]
He pointed out that the driving force for crypto policy is probably the _law enforcement_ camp, not the _intelligence agency_ camp. And that the NSA is regretting the ITAR stuff, as it has sparked an "arms race" to develop stronger crypto. Bass noted that people now equate permission to export with weakness, and that had the U.S. not restricted exports, users probably would've been "fat, dumb, and happy" to keep using breakable crypto.
doesn't make sense to me at all. who was behind clipper? the NSA, not the FBI. the FBI is behind digital telephony, which involved *wiretapping*, not key escrow. actually I think that the NSA is trying to convince law enforcement agencies that if they follow the NSA plan of crypto suppression & key escrow that their job will be easier, that great instability results from unfettered crypto. this fits into the way the NSA hates to be behind any proposal themself, and need "cut outs" to do the lobbying for them. I think at the core of it the NSA doesn't really care too much about law enforcement issues like obtaining warrants and that kind of thing. all the talk about warrant and subpoenas makes no sense from the point of view of the NSA. the NSA goals and the law enforcement goals do not really seem to me to overlap much at all and that the whole argument that they do has been a diversion. this suggests an interesting way to turn the "pro-suppression" crowd against itself. if the law enforcement arm can be convinced, as many people are now advocating, that strong crypto actually makes their job easier and the world information infrastructure less insecure, they may eventually advocate unfettered crypto. then you have only the NSA alone standing up and saying that they need the suppression laws. the concept that the NSA "regrets" ITAR laws sounds like an utter fantasy to me. the ITAR has been around for decades. the NSA has been continually *strengthening* the interpretations of the ITAR. the ITAR is enforced largely through NSA *harassment* of companies that are seen to be supposedly violating it. the NSA can stop sending their "men in black" at any time. when the harassment stops, the crypto would spread. no one is twisting the NSA's arm to reject crypto exports in all the applications that are submitted. rather, it is the NSA that is doing all the arm twisting. the NSA has made radical interpretations of the ITAR in various situations: 1. they rule that mere *hooks* are illegal 2. they have told Microsoft that merely *signing* foreign crypto software packages is illegal so the more I think about it, the more I think Bass's comments as reported by TCM are a pile of hooey. perhaps even disinformation. the NSA has full power to stop their harassment campaign at any time. it is possible that there are *elements* within the NSA that regret the policy, but they clearly are not the ones involved in enforcing it. what many people fail to mention is that today we may not even have these horrible infoterrorist problems that the NSA and CIA et. al. are screeching about lately if crypto had been allowed to grow organically and unharassed. in my view, the NSA is largely *responsible* for the weakness in the information infrastructure as it now stands because of their suppression of efforts to implement strong security via crypto. this is the great hypocrisy of it all. frankly at times I think the whole key escrow debate seems like a huge smokescreen or decoy just to get the public to argue about something the NSA was never seriously contemplating anyway. it's could be just a delaying tactic that is working quite spectacularly. every conference of experts sounds the same and they all come to the same conclusion. meanwhile the ITAR is virtually unchanged within the last 5 years.