1995-12-03 - Re: GAK Flap Happening at a Good Time–Journalists Read!

Header Data

From: djw@pdcorp.com (Dan Weinstein)
To: Black Unicorn <unicorn@schloss.li>
Message Hash: 31b809e0c06624b6260528a95d1c12fecc21abd33f8ec301e49b85b0f26bb3c2
Message ID: <30c10224.23418425@email.pdcorp.com>
Reply To: <Pine.SUN.3.91.951202200809.12018A-100000@polaris.mindport.net>
UTC Datetime: 1995-12-03 02:28:14 UTC
Raw Date: Sun, 3 Dec 1995 10:28:14 +0800

Raw message

From: djw@pdcorp.com (Dan Weinstein)
Date: Sun, 3 Dec 1995 10:28:14 +0800
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <Pine.SUN.3.91.951202200809.12018A-100000@polaris.mindport.net>
Message-ID: <30c10224.23418425@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995 20:16:08 -0500 (EST), Black Unicorn
<unicorn@schloss.li> wrote:

>On Sat, 2 Dec 1995, Jeff Weinstein wrote:
>
>> Black Unicorn wrote:
>
>> > AT&T seems to have been suitably 'incentivized'
>> > The receipt of government funding (in whatever guise) might be just as
>> > powerful in this case.
>> > 
>> > To the outsider, it looks as if Netscape 'owes' the government.
>> 
>>   We do owe the government.  They have paid us for Servers and Clients
>> that support Fortezza.  That is what we owe them.  The money that the
>> NSA gave us for Fortezza is not very significant compared to what we
>> are getting from commercial sources.
>
>Obviously it was significant enough to take.  It was also a perfect 
>opportunity for Netscape to express concerns about the future of the 
>technology, which is in netscape's interest.  The astute deal maker would 
>be happy to work with the NSA on his own terms.  Instead, it 
>would appear that Netscape is working FOR NSA on their terms.

If you read what they had to say about this, you know that they are
hoping others will create non-escrowed crypto hardware using the same
interface.  I see no reason for them to not include support for any
available hardware system (even if it includes GAK), as long as they
continue to support non-escrowed encryption internally.  This allows
the customer to decide that they have no problem with GAK and use the
external system, or use the internal system and not have GAK.

>> > > We are actively lobbying in washington to get clarification of the
>> > > current regulations so that we can provide the US version via an "export
>> > > controlled" FTP or HTTP download.
>> > 
>> > With which firm?  Or have you made it an in-house effort?
>> 
>>   We have recently hired a government liason person to manage our policy
>> discussions with the government.  He is one of the people that will be
>> talking to congressional and white house representatives next week.
>> I don't know if we have made use of any outside lobbying firms.
>
>I'd be interested to know what a 'government liason person' is.  It 
>sounds to me like an 'in house lobbist.'  There is an old joke in the 
>beltway about in house lobbists.
>
>I also would like to know why you are actively lobbying for 
>'claification' rather than 'modification' of the current policy.

Until the current policy is clearly defined it is like a moving
target.  Once the government has been pinned down to a single policy,
it will be much easier to dispute their policies.  Currently the
government can say anything they want about their enforcement of ITAR,
because they have not stated a clear set of rules with regard to it.
Once they have set clear rules, those rules can be shown to be overly
restrictive or even unenforceable.

Also, lawyers usually advise clients based on a worst case scenario,
thus when the government is unclear on its rules, the lawyers advise
their clients based upon the worst possible interpretation of the law.
This is done to protect their client.  By not stating a policy, the
government is making that worst case happen, without having to be the
bad guy by actually attempting to enforce such a policy.

>
>Netscape seems to be taking the position, "We'd love it if you'd let us 
>do X, but we are happy to roll over for whatever."  and  "By the way, 
>what is the rule on exporting software again?"
>
>I am impressed that some effort is being made.  I think it in the form of 
>'too little, too late.'  But hey, who am I?

I think you are being too critical, they have done more than any
company I know of to make easy to use crypto widely available.  They
may be willing to obey the laws if they require GAK, but I do not feel
that they are just rolling over either.  I strongly oppose GAK, but I
do not believe that no crypto is better than GAK crypto.  I would
rather keep some people out than nobody out.


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche







Thread