1996-03-12 - Re: What about PGP? (was Re: Leahy Bill a Move to Slow Crypto Exports as Much as Possible)

Header Data

From: jim bell <jimbell@pacifier.com>
To: wlkngowl@unix.asb.com>
Message Hash: 488727a72984a0b69282a340d2e2e83bc0b7ef8f30097fdc15b534d8bab7b479
Message ID: <m0twAv7-00094GC@pacifier.com>
Reply To: N/A
UTC Datetime: 1996-03-12 22:14:16 UTC
Raw Date: Wed, 13 Mar 1996 06:14:16 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Wed, 13 Mar 1996 06:14:16 +0800
To: wlkngowl@unix.asb.com>
Subject: Re: What about PGP? (was Re: Leahy Bill a Move to Slow Crypto Exports as Much as Possible)
Message-ID: <m0twAv7-00094GC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:04 AM 3/11/96 -0500, Shabbir J. Safdar wrote:

>I think this is somewhat skewed.  Let's look at our situation now:
>
>	We don't get to export much crypto software.
>
>The Leahy bill takes us to:
>
>	We get to export lots of software that is "generally available",
>	"in the public domain or publicly available", or if similar
>	products exist already in other countries.  (That's a lot of
>	stuff, but it's not the whole enchilada.)

This is very debateable.  Generally, I've found that the government will 
always disappoint you, in the implementation of any legislation, "good" or 
"bad."  The "good" gets less good, the "bad" gets more bad.

>We want to be at:

>
>	We get to export all crypto software. (I mean legally; I think
>	we all know that export controls don't work against someone with
>	enough brains to post news, send mail, or use ftp)
>
>This is a pretty good improvement in the situation, and will hopefully
>pave the way for the "whole enchilada".  It's not good strategy though
>to criticize this because it's not the ultimate crypto bill. 

I don't know about others, but _I_ haven't done that.  I've made some 
distinct criticisms that say NOTHING about the extent to which export 
controls are loosened.  (I leave that part of the issue alone because it is 
being addressed properly, unlike the matters I'm focussing on.)


BTW, it has been two days since my first comment to you, however, and you have
presumably seen a few more criticisms that I've heaped on a portion of the 
bill.  Your response (or lack of it) is particularly unexpected, because you 
ought to be interested in defending a  positive review of the bill.  
Sticking your head in the sand isn't a good tactic at this point. 


> Let's be
>honest with ourselves here, this is Congress we're talking about and
>this is a pretty bold step.  We need to educate them to see the facts
>we understand so thoroughly:

"What's wrong with this picture"?  

If this is "a pretty bold step," then my question is, who "on our side" did 
they consult before they wrote this law?  If, as you state, "we need to 
educate them..." then the implication is that this bill simply popped out 
without any apparent "ordinary-crypto-user/small-crypto writer-seller" 
input, right?  In that case, we should ask "how [arguably] did they get what 
we wanted as well as they did?"   

On the other hand, if they DID get consultation from a number of "our" 
organizations, why didn't they fix the remaining problems?  


Here's a totally unsupported hypothesis for your consideration:  I speculate 
that they DID get some input from "our" side, via some confidential 
arrangement, by some of those same organizations that were falling all over 
themselves to praise most of the bill.  In other words, those organizations 
were subtly co-opted, although not nearly completely of course.  However, those 
organizations then felt like they had a "hand into" the structuring of this 
bill, and you know how blind to faults a proud parent can be!

Am I getting close to the truth here, Mr. Safdar?  Tell me, Mr. Safdar, did 
you consult a lawyer before you endorsed this bill?  Please share with us 
whatever legal opinions you received which induced you to speak positively 
about this bill.

> that crypto export controls do not work,
>endanger our own requirements for confidentiality, and aren't helping
>contain this technology in the rest of the world.

Then let's take the position that this law CAN be changed!  In fact, let's 
insist on it.

>Forcing Congress to have this debate will lay bare these facts and
>hopefully embarass the Administration for their absurd policy
>approach on encryption.

With that limited statement I totally agree.

>They say that liberty is seldom lost all at once, but a little at a time. 
>Regaining it is probably done this way as well.  In this case, the
>Leahy bill gives us back a mouthful.

And the "mouthful" contains enough poison to kill our freedoms.  
Fortunately, the poison is easily identifiable, and is all in one spot, and 
should be removeable if we see it in time.

So why are these people trying to shove it down our throats?

Jim Bell

jimbell@pacifier.com






Thread