HR695 and its effect on Debian
It appears U.S. Government intelligence agencies are at it again with
proposals on encryption policies. A bill that was supposed to
liberalize encryption policy has taken a turn in exactly the opposite
direction. One report of a draft bill (HR695) that passed out of the House
Intelligence Committee on Thursday is given by Brock N. Meeks on MSNBC
http://www.msnbc.com/news/109489.asp#BODY
Another analysis by Declan McCullagh of the bill is in
http://cgi.pathfinder.com/netly/opinion/0,1042,1385,00.html
I will put a copy of a message from John Ladwig <jladwig@nts.umn.edu>
to the cic-sec mailing list in
ftp://franz.stat.wisc.edu/pub/Debian/Ladwig.msg
so you can read that analysis if you wish.
I have not verified the information in these documents but the sources
seem reputable. Ladwig's analysis begins:
As I read the Intelligence Committee's redrafting of the bill, as of
January 31, 2000 domestic use or import of all encrypting Kerberos,
DCE, and SSH clients will become illegal. Existing SSL, PEM and
S/MIME clients likely would also be illegal, not to mention PGP.
Let me emphasize that this bill has come out of the House Intelligence
Committee but is still a long way from becoming law. Nevertheless the
ramifications for Debian, if it were to become law in its current
form, would be severe. The bill would seem to prohibit the _use_ of
pgp, ssh, ssl, kerberos, etc. in the United States after that cutoff
date.
Please tell me if there is a more appropriate Debian-related list to
which I should have sent this. I sent it to debian-devel because of
its potential impact on developers.
--
Douglas Bates bates@stat.wisc.edu
Statistics Department 608/262-2598
University of Wisconsin - Madison http://www.stat.wisc.edu/~bates/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: