1996-12-15 - Re: ITARs effects

Header Data

From: “Timothy C. May” <tcmay@got.net>
To: cypherpunks@toad.com
Message Hash: 94e2975318e8b8146fbee7ae26ccbbd38dfa6359f4c09d81012c1c612e0ab167
Message ID: <v03007800aed90a375612@[207.167.93.63]>
Reply To: <199612141904.OAA07254@pdj2-ra.F-REMOTE.CWRU.Edu>
UTC Datetime: 1996-12-15 01:56:36 UTC
Raw Date: Sat, 14 Dec 1996 17:56:36 -0800 (PST)

Raw message

From: "Timothy C. May" <tcmay@got.net>
Date: Sat, 14 Dec 1996 17:56:36 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: ITARs effects
In-Reply-To: <199612141904.OAA07254@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <v03007800aed90a375612@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:09 PM -0500 12/14/96, Adam Shostack wrote:
>Peter D. Junger wrote:
>|
>| : This implies that putting something up for FTP == export. Holy
>| : shit.
>|
>| That has always been the position of the Department of Defense Trade
>| Controls with respect to the ITAR, the only difference is that now
>| it is going to be in writing.
>
>	My understanding is that they choose not to continue
>per^H^Hrosecuting Phil for putting the code up for FTP.  Thus, this is
>a change.  Or did Phil not put the code up for FTP?

I certainly can't speak for Phil, but according to everything I have heard,
and according to several articles that have been written about the events
surrounding the release of PGP 1.0, Phil most definitely DID NOT place the
PGP 1.0 software on any kind of ftp site.

(I believe that at that time, circa 1991, Phil did not even have any kind
of ISP or university Internet access which would have even made this
possible for him. In fact, I believe it was not until around 1993 that he
had a stable e-mail account.)

As to who, if anybody, placed PGP 1.0 on an ftp site, I suggest folks read
some of the articles about how the software was uploaded to bulletin
boards. The evidence is strong that it was NOT Phil who did this, though of
course the software at some point got from Phil to whomover it was who did
place the software on bulletin boards (and ultimately onto ftp sites).

(Note that it was primarily PGP 1.0 which was the subject of the
government's investigations. PGP 2.0 and later releases were handled in a
different way.)

I hope I have not mangled any of the history. These events have been
reported in many articles on PGP and the Zimmermann Affair, including a
long article by Jim Warren on whom--he claims--actually DID place PGP on
publically-accessible sites. See those articles for more details.

It seems likely to me that the new laws, pointed out to us by Lucky, would
make a much wider range of things illegal, and that the mere appearance of
some software on a foreign site could be construed as ipso facto proof that
due care was not taken ("you let it leak out").

But this was not the law in 1991, nor is it the law yet.

--Tim May

Just say "No" to "Big Brother Inside"
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









Thread