1996-01-17 - Re: remarkable recent stories

Header Data

From: Alex Strasheim <cp@proust.suba.com>
To: grafolog@netcom.com (Jonathon Blake)
Message Hash: 3c217f4614a7815d836c66381d2e0bee10a712145d8529566e4ddfe06f385b6a
Message ID: <199601170347.VAA00620@proust.suba.com>
Reply To: <Pine.SUN.3.91.960116180817.1875C-100000@netcom15>
UTC Datetime: 1996-01-17 03:48:33 UTC
Raw Date: Tue, 16 Jan 96 19:48:33 PST

Raw message

From: Alex Strasheim <cp@proust.suba.com>
Date: Tue, 16 Jan 96 19:48:33 PST
To: grafolog@netcom.com (Jonathon Blake)
Subject: Re: remarkable recent stories
In-Reply-To: <Pine.SUN.3.91.960116180817.1875C-100000@netcom15>
Message-ID: <199601170347.VAA00620@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> 	Caveat:  After decades of secrecy, the NSA has come out
> 	of the cold so to speak.  Are we to safely assume that
> 	the NSA has not had it's major mission changed in a few
> 	major ways when it came into the open?  

Banning crypto is stupid.

Banning crypto doesn't keep solid tools out of the reach of the four 
horemen.  More importantly, it won't put a dent in the underlying 
problems -- drug trafficking, money laundering, child pornography, or 
terrorism.  Anyone in America can buy any kind of drug at any time with 
almost no risk of arrest.  How much worse is crypto going to make 
things?

The crypto rules in ITAR cost US businesses a lot of money.  They're not 
doing any good, and they're doing a lot of deomonstrable harm.  If we 
don't sell crypto abraod, other countries will.  We've got a choice:  we 
can export crypto code or crypto jobs.  Let's keep the jobs.

Demonization of anyone -- even the NSA -- ought to be avoided.  

Remember when Jim Bidzos was evil incarnate?  It wasn't so long ago that
he was hassling with PRZ over the use of RSA in PGP.  Take a look at your
source trees for pgp, mixmaster, and the apache-ssl web server -- a lot of
good tools use rsaref. 

Why does Bidzos let us use rsaref?  Is it altruism?  I doubt it -- he
probably felt that it was in his best interests to maintain as much
control over his patents as he could.  Better to have everyone use rsaref
under a legitimate license than to have scofflaws ignoring your authority
all together.  If he had sued PRZ, what would he have gotten?  When you
give away PEM for nothing, what are your damages from a free PGP?  If you
go into court and PRZ wins, what then?  Anything can happen in court -- 
the patent could even get tossed out.

Bizdos gives away rsaref because it's in his interest to do so.  
Adversaries become allies when common interests develop.

The NSA ought to flip on crypto exports because it's in the national
interest to do so.  Passive surveillance is dying, no one can keep it
alive, and we should stop trading jobs, rights, and dollars to prop it up. 





Thread