1995-10-26 - Re: CJR returned to sender

Header Data

From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: 9a3a8c1f0db3ebb9b69a51dff5510087b5b6a31cd407df4e43352ba01e0c078a
Message ID: <acb4fe74070210047537@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1995-10-26 20:47:59 UTC
Raw Date: Fri, 27 Oct 1995 04:47:59 +0800

Raw message

From: tcmay@got.net (Timothy C. May)
Date: Fri, 27 Oct 1995 04:47:59 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <acb4fe74070210047537@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:30 AM 10/26/95, Jeff Weinstein wrote:

>  Should they also reject the same content (RSA-PERL) delivered
>in any of the following ways:
>
>        Printed on paper
>        Printed on paper in OCR font
>        Printed on paper in barcode
>        Printed on paper with magnetic ink (like checks)
>
>  The lines being drawn here seem very arbitrary.

I'll try to think like a bureaucrat responsible for actually trying to
limit the export of weapons, munitions, cluster bombs, nerve gases, secure
communications gear, crypto tools, etc.

My test would be this:

"Is the product actually usable by an adversary or helpful to them in any
major way as a tangible product?"

(I have no idea of what their review criteria are, just suggesting some
plausible considerations.)

How different products get evaluated by these criteria:

* cruise missiles -- Yes.

* designs for cruise missiles -- Yes. Blueprints, especially. Books are
more problematic, as the U.S. has no tendency to screen books for
publication, and no border checks for books. (Not that outgoing luggage
ever gets checked anyway.)

* functional crypto systems, such as RSA products or PGP -- Yes, thinking
as a bureaucrat. (I won't argue the effectiveness of such steps, or the
ultimate futility of trying to control software export.)

* "RSA in Perl," even in machine-readable form. I would not block export of
it, as it is not a "usable system" (no key management, unwieldy to use).
The proof of the pudding: how many people are using "RSA in Perl" to
actually communicate? How many Pablo Escobars or Saddam Husseins are likely
to ever use it?

(If the argument that the few lines of RSA in Perl "give away" the secret
of RSA, this is bogus. The core steps are widely, widely (did I say
"widely") known, and are standard programming examples. One of the first
things I did in Mathematica, several years ago, was to code up "RSA in
Mathematica"...took about 15 lines, without much effort to compact it.)

* "RSA in Perl" on an unreadable t-shirt. Yes. Yes, thinking as a
bureaucrat I would certainly approve it. Or try to lose it, return it
unopened, etc., knowing full well the CJR was being done as a publicity
stunt (well, isn't it?) and that reporters were waiting to make the State
Department look foolish by reporting: "State Department Rules "Munitions
T-Shirt" May Be Exported!"

(Or to look just as foolish by rejecting it.)


--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."







Thread