Re: xhost

To: timothy@smasher.rs.itd.umich.edu
Cc: debian-user@lists.debian.org
Subject: Re: xhost
From: Ian Eure <ieure@crosssound.narrows.com>
Date: Fri, 26 Jun 1998 00:23:01 -0700
Message-id: <[🔎] 19980626002301.A5666@crosssound.narrows.com>
In-reply-to: <[🔎] XFMail.980626011643.timothy@smasher.rs.itd.umich.edu>; from timothy@smasher.rs.itd.umich.edu on Fri, Jun 26, 1998 at 01:16:43AM -0400
References: <01BDA112.7CBEE350@W100416> <[🔎] XFMail.980626011643.timothy@smasher.rs.itd.umich.edu>

Ok. The government of the USA classifies encryption code as a munition, ie a
tool of war; presumably because it is in fact used during wars to stop the
enemy from recieving messages intended for your own side. Ok. So, there is also
this law about not exporting munitions from the USA. Also a USA-specific law.
What this means is that the US government can come down _hard_ on anyone making
encryption software (or hardware) available to non-US citizens. Since, if you
put, say, a copy of PGP on a ftp server in the US, you cannot (easily) verify
that the person(s) downloading it are US citizens without violating a federal
law, all encryption-related software must be distributed from sources outside
the US. Importing encryption software into the US is not an issue.

Note that the actual law states that no encryption stronger than 40 bits may
be exported- 40 bits or lower is ok to export. This makes it very hard to get
copies of, say, pgp (1024+ bits == not ok to export) - which was written in the
US - outside the US border legally. Very hard, but not impossible- the law in
question does not prohibit written or printed copies. So, a printed copy of
PGP was shipped outside the country, where it was scanned, OCR'd and proofred
for errors. At which point it was distributed on a global scale, from outside
the US, legally- since the country it was being distributed from didn't have any
ack-basswords laws about exporting strong encryption products.

Yes, you are correct. The law(s) are pointless. Lobby your local representative. 

On Fri, Jun 26, 1998 at 01:16:43AM -0400, timothy@smasher.rs.itd.umich.edu wrote:
> Ok, so the gov't thinks strong encryption is munitions so you can't export it.
> Why have non-us.debian.org: You can't import it either? Or you just can't use
> it at all in the US?
> 
> .....Not like making _rules_ about import and export can actually stop what
> people do with source available on the net?..... Surely if you are a criminial
> of the sort that the govt is so intent on stopping, then you would have no
> problem with using illegally electronically exported/imported encryption code? 
> 
> Any good sites explaining the matter?
> Thanks,
> Timothy
> ----------------------------------
> E-Mail: timothy@smasher.rs.itd.umich.edu
> Date: 26-Jun-98
> Time: 01:12:04
> 
> This message was sent by XFMail.
> Powered by GNU/Linux 2.0.
> ----------------------------------
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
 ______________________________________________________________
| ian eure, network admin, freelance security consultant, and  |
| manically depressed paranoid schizophrenic, at your service. |
;           <ieure@minion.org> - http://minion.org             ;
:           raw speed = 105.6 wpm with 4.5% errors             :
.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .

--  
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- RE: xhost
  - From: timothy@smasher.rs.itd.umich.edu

Prev by Date: Re: How do I get exim to work?
Next by Date: Where is Perl Base for Debian v2.0 (Hamm)
Previous by thread: RE: xhost
Next by thread: RE: xhost
Index(es):
- Date
- Thread