At 4:39 PM -0800 12/11/96, Lucky Green wrote:

It has been speculated in the past that certain crypto schemes, such as proposed by Microsoft and Sun, using signed crypto plugins might be helpful to the cause for strong crypto if non-US branches of US software companies would certify foreign developed crypto software.

According to the recent proposal by Commerce, this will not happen. It will be illegal to export the software required to sign the code. So much for the government's claim that they make no attempt to limit the export of signing-only software.

...

From http://www.steptoe.com/commerce.htm

[Listing specific software prohibited from export] "c.2. "Software" to certify "software" controlled by 5D002.c.1; " ...

They're really looking desperate, aren't they? They try to limit the export of crypto software, they try to limit the export of anything with "hooks" for adding crypto outside the U.S., they try to limit export of crypto knowledge, and here they're even trying to limit _signing_ software? What's next? Maybe they'll try to limit the dispensing of _legal advice_ by U.S. attorneys to foreign clients. (I keep using the phrase "they try to" becuase obviously few of these schemes to keep the horses in the barn will work.) It's looking more and more obvious that crypto development belongs outside the U.S. (is this observation a controlled item?). --Tim Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."

These are important, and damaging changes to the regulations. My thanks to Lucky for pointing them out. Previously, authentication technologies, signatures and integrity checkers had specific exemptions. I suggest those journalists who lurk here call companies like Digital Pathways, McAffee, Symantec, and see if they are aware of these proposed changes. Adam Lucky Green wrote: | It has been speculated in the past that certain crypto schemes, such as | proposed by Microsoft and Sun, using signed crypto plugins might be helpful | to the cause for strong crypto if non-US branches of US software companies | would certify foreign developed crypto software. | | According to the recent proposal by Commerce, this will not happen. It will | be illegal to export the software required to sign the code. So much for | the government's claim that they make no attempt to limit the export of | signing-only software. | | >From http://www.steptoe.com/commerce.htm | | [Listing specific software prohibited from export] | "c.2. "Software" to certify "software" controlled by 5D002.c.1; " | | And, btw, virus checkers are also prohibited from export. Makes you wonder. | | "c.3. "Software" designed or modified to protect against malicious computer | damage, e.g., viruses;" | | | -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred | Make your mark in the history of mathematics. Use the spare cycles of | your PC/PPC/UNIX box to help find a new prime. | http://ourworld.compuserve.com/homepages/justforfun/prime.htm | -- "It is seldom that liberty of any kind is lost all at once." -Hume