New export controls to include code signing applications

Adam Shostack adam at homeport.org
Wed Dec 11 19:14:44 PST 1996


Timothy C. May wrote:

| of crypto software, they try to limit the export of anything with "hooks"
| for adding crypto outside the U.S., they try to limit export of crypto
| knowledge, and here they're even trying to limit _signing_ software?
| 
| What's next? Maybe they'll try to limit the dispensing of _legal advice_ by
| U.S. attorneys to foreign clients.


	I'm not sure we should be discussing what's next, or how we'll
monkey wrench it, before it comes out.  Clipper I was mishandled.
Clipper II was mishandled.  Clipper III looked like it might have had
a chance before the administration fumbled the ball with letting the
FBI have a veto.  Those folks do learn, and they may be learning from
their presence here.

	The NIST meeting, which Pat Farrel reported on, had questions
about not interacting with rouge applications, not super-encrypting a
data stream, and other things that we talked about and reminded the
Feds to deal with.

	I say let them propose; let them build systems.  Then attack
them.  Why let them release proposals that already deal with our
attacks?  

	Incidentally, was Mykrotronix a cheap buy because they bought
into Clipper?  Is that what happens to companies that try to get all
their nourishment from the GAK teat?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume








More information about the cypherpunks-legacy mailing list