From: Raph Levien <raph@CS.Berkeley.EDU>
To: cypherpunks@toad.com
Message Hash: 69f204f01e78b51497f4070057e9f12fb74255cc72a535a9a6cf022545fa0fec
Message ID: <199511142322.PAA24924@kiwi.cs.berkeley.edu>
Reply To: <199511142110.NAA28546@email.pdcorp.com>
UTC Datetime: 1995-11-14 23:42:10 UTC
Raw Date: Wed, 15 Nov 1995 07:42:10 +0800
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Wed, 15 Nov 1995 07:42:10 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511142110.NAA28546@email.pdcorp.com>
Message-ID: <199511142322.PAA24924@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain
I move we file a CJR on some suitable software with crypto hooks. Off
the top of my head, the most plausible candidate is NCSA httpd v1.3.
It's certainly software with function other than crypto. It's also the
case that the crypto hooks are nearly unusable. I should know - I got
quoted in USA Today for buying three CDs using these hooks ;-).
Another possibility that comes to mind is Eudora. A judgement that
Eudora is non-exportable is certain to piss a lot of people off. I'm
not sure whether that's a good thing or a bad thing. I promise not to
file a CJR without the express permission of the owners of the
software.
Such a CJR would certainly not be frivolous. It is certainly the case
that the law is not clear enough for software producers to move with
confidence. Further, applications with crypto hooks are much more
important to the cpunk cause than are the crypto applications
themselves. Face it: PGP is available to all, but very few people
actively use it. Its serious usability problems are only a small part
of the reason. The real reason is that people are unwilling to
integrate with it because they're afraid of the export controls.
By the way, I have not heard back regarding my t-shirt CJR. If I have
time, I'll call them tomorrow and ask what's up.
Raph
Return to November 1995
Return to “Tatu Ylonen <ylo@cs.hut.fi>”