1993-12-02 - A study of National Cryptography Policy

Header Data

From: karn@qualcomm.com (Phil Karn)
To: hlin@nas.edu
Message Hash: a921b3c85e47b219b595f2dfeb70318311cc8b7cd067a153b61dc910f27b98f3
Message ID: <199312020120.RAA01034@servo>
Reply To: <199311291832.NAA17576@eff.org>
UTC Datetime: 1993-12-02 01:22:24 UTC
Raw Date: Wed, 1 Dec 93 17:22:24 PST

Raw message

From: karn@qualcomm.com (Phil Karn)
Date: Wed, 1 Dec 93 17:22:24 PST
To: hlin@nas.edu
Subject: A study of National Cryptography Policy
In-Reply-To: <199311291832.NAA17576@eff.org>
Message-ID: <199312020120.RAA01034@servo>
MIME-Version: 1.0
Content-Type: text/plain


>As part of the Defense Authorization Bill for FY 1994, the U.S. Congress
>has asked the Computer Science and Telecommunications Board
>(CSTB) of the National Research Council (NRC) to undertake a study of
>national policy with respect to the use and regulation of cryptography.
[...]

A *two year*, *classified* study of national cryptography policy??

I suppose it's just as well. The closest thing we currently have to a
"national cryptography policy" are some ineffective and pointless
export controls that, if proposed legislation is adopted, may go away
in a few months anyway. That would leave civilian cryptography pretty
much unregulated -- exactly as it should be.

So sure, take all the time you like to "study" the issue. The longer
the better. The "cryptography genie" is already well out of its
bottle; in two years, it will be everywhere.

And yes, by all means, require security clearances of all the
participants and classify all of the proceedings. That will exclude
many of the biggest names in civilian cryptography -- those who are
not US citizens, who will not submit themselves to government
censorship, and who do not wish to lend any legitimacy to a government
effort that will inevitably try to regulate what will (and should) be
left alone. And it will stifle any embarassing public debates on minor
issues like free speech, freedom of association and personal privacy,
all of which are just annoying technicalities that keep law
enforcement and intelligence agencies from doing their jobs more
efficiently.

Better yet, restrict membership to these loyal law enforcement and
intelligence agencies, the same ones responsible for the silly current
state of export controls on cryptography. That should eliminate what
few shreds of credibility might remain in the Board's final report.

Phil





Thread