A few speculations on export controls. As we all know, the concentration of so-called hard crypto is the same inside and outside US borders. Or, for that matter, inside and outside "free world" (heh heh) borders. I would even say that anyone with a computer and net link in the world has about equal access to the crypto software. And no one I know ever bothers do download anything from US-based sites with those somnambulistic export-control buttons - it is so much simpler do download it from somewhere else. If we put aside the theory of deranged government, what logic can explain this situation ? Effective domestic crypto regulation. Export farce is just a neat way of scaring companies and individual contributors from developing and providing cryptographic systems within US. Export regulations are the new high point of double-speak. Anyone providing domestic crypto runs the risk of violating EARs. Manufacturers are ultimately responsible when their products end up overseas, and there is nothing in EARs that absolves them from that responsibility. [ For example, try to buy one of IBM crypto-cards - give them a call and ask what does it take to purchase one with hard crypto on it (semi-hard - they stop at 3DES) ] Regular sales channels are closed for crypto today in US. No one dares sell crypto hardware to anonymous public. No one dares to post crypto software for US customers to download with a single-click. Small developers (like that guy from Sunnyvale) are harassed with subpoenas. The end result is a tremendous slow down of crypto systems distribution in the US. Which was the intent. Now the question: is there a way to build a case which will bring down crypto export controls because they demonstrably prevent DOMESTIC sales and therefore constitute DOMESTIC restrictions. Say, if company starts selling some hard crypto products in a storefront for cash only - how would BIX react ? Would a US citizen have to produce ID in order to buy ?