From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Wed, 15 Nov 1995 07:42:10 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511142110.NAA28546@email.pdcorp.com>
Message-ID: <199511142322.PAA24924@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


I move we file a CJR on some suitable software with crypto hooks. Off
the top of my head, the most plausible candidate is NCSA httpd v1.3.
It's certainly software with function other than crypto. It's also the
case that the crypto hooks are nearly unusable. I should know - I got
quoted in USA Today for buying three CDs using these hooks ;-).

Another possibility that comes to mind is Eudora. A judgement that
Eudora is non-exportable is certain to piss a lot of people off. I'm
not sure whether that's a good thing or a bad thing. I promise not to
file a CJR without the express permission of the owners of the
software.

Such a CJR would certainly not be frivolous. It is certainly the case
that the law is not clear enough for software producers to move with
confidence. Further, applications with crypto hooks are much more
important to the cpunk cause than are the crypto applications
themselves. Face it: PGP is available to all, but very few people
actively use it. Its serious usability problems are only a small part
of the reason. The real reason is that people are unwilling to
integrate with it because they're afraid of the export controls.

By the way, I have not heard back regarding my t-shirt CJR. If I have
time, I'll call them tomorrow and ask what's up.

Raph