Re: Lynx-SSL
> > PS. I never understood why the US is so resistant on issues like these -
> > all it does it create jobs outside the US as opposed to inside to handle
> > these things in the free world.
To be fair, the opposition is coming from the same spooks who
(allegedly) missed the fact that India was planning to conduct
nuclear and *thermonuclear* bomb tests. I think their analysis
is wrong, but I also understand why the people charged with
keeping a terrorist group from conducting their own nuclear tests
in the middle of Manhattan island would be paranoid.
(ObParanoia: was the CIA really surprised by the tests? If they
knew, they would still keep quiet to avoid having Pakistan feeling
that it must also immediately conduct its own tests even before India
conducted hers.)
> The basic concepts behind a public key algorithm cannot be restricted.
It's much worse than that. The First Amendment prevents the government
from restricting the exportation of a book containing the complete
source code to PGP. It prevents the government from requiring
libraries and book stores form "Americans Only" sections, since
foreign nationals are also entitled to (most of) the BoR. (There
are a few exceptions, but I think they're all nationals of states
without formal diplomatic relations with the US.) The floppy disk
in the back of the book, a disk which contains nothing except a
machine readable copy of the contents of the book, is contraband under
the US interpretation of ITAR.
The book, once exported, could be easily scanned in. Or manually
typed in, with slightly more effort.
That said, if you were stopped at the airport with a source
listing of PGP the feds might be able to successfully argue to
a judge that a source code listing wasn't a "legitimate" text
in the sense protected by the FA. That's a far cry from a
conviction, but it's enough to hassle you. (Especially if you're
a foreigner and the feds decide to use one of the laws recently
passed by our Constitution-worshipping Repulsivans.</rant>)
> You
> know, and I know, and most half-decent mathematicians in the world know,
True, but how many elected representatives, judges, or cops
*worldwide* have been exposed to even calculus? They certainly
aren't going to understand the significance of Euler's Totient
function.
> The patent is on the precise algorithm used.
I thought that the patent was on the general idea of public key
cryptosystems, with a separate patent on the first practical
implementation.
> The export restrictions are on actual computer programs (in source or binary
> form) which implement these algorithms in a way which protects data. These
> are classed as 'munitions'.
Source code on paper is protected by the FA. It's only source code
on magnetic media which is contraband, which is why the interpretation
makes so little sense.
Hmm; I wonder if it would be illegal for me to *read* the source
code during a transatlantic phone call. :-) What about reading
it aloud while standing just inside the US-Mexico (not US-Canada)
border, while someone stood just inside Mexico with a recorder.
> In the same way, I cannot export a nuclear bomb from the US, but I can
> export a book which explains how I might construct one.
That's a bad analogy because a detailed book must contain classified
information. Did you conduct independent research? If so, how? :-)
If not, did you violate any conditions of your own security clearance, or
suborn others to do so?
In contrast, the basic ideas behind RSA encryption have been known
for many, many years. The key breakthrough was recognizing how to
use that musty old fact today.
Bear (IanaL) Giles
bgiles@coyotesong.com
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: