From: "John Lehmann (SSASyd)" <LEHMANNJ@saatchi.com.au>
Date: Mon, 20 Jan 1997 20:55:37 -0800 (PST)
To: "'cypher-punks'" <cypherpunks@toad.com>
Subject: RE: Disseminating public-key crypto source code
Message-ID: <32E45B6B@smtp.saatchi.com.au>
MIME-Version: 1.0
Content-Type: text/plain



>
>I've written a few Perl routines for public-key cryptography.  I'd
>like to freely disseminate the source code (starting with ElGamal) to
>as many people as I can,
>
>It's my understanding that there are two orthogonal restrictions:
>
>        1) ITAResque: I can't give code to non-U.S. citizens.
>        2) PKPesque: Using public-key crypto is an infringement,
>                     although disseminating/possessing the source
>                     code is not.
>
>While I'm sure these are oversimplifications, it would seem that I can
>release my source code over the Internet provided I install a simple
>verification mechanism (cf. MIT's PGP distribution) to ensure that
>only people claiming to be U.S. citizens have access privileges.
>
>Am I correct?  If so, why aren't more people doing this?
>

People do do this, but if you are using RSA or other methods patented in   
the US, you might want to look at them.  Is the concept of PK   
cryptography patented?

And of course you are familiar with Bernstein v DoS...   
 [http://www.eff.org/pub/Legal/Cases/Bernstein_v_DoS/HTML/bernstein_961218  
_pressrel.html]

>The plaintiff in the case, Daniel J. Bernstein, Research Assistant   
Professor at >the University of Illinois at Chicago, developed an   
"encryption
>algorithm" (a recipe or set of instructions) that he wanted to publish   
in printed >journals as well as on the Internet. Bernstein sued the
>government, claiming that the government's requirements that he register   
as an >arms dealer and seek government permission before publication
>was a violation of his First Amendment right of free speech. This is   
required by >the Arms Export Control Act and its implementing   
regulations,
>the International Traffic in Arms Regulations.
>
>In the first phase of this litigation, the government argued that since   
Bernstein's >ideas were expressed, in part, in computer language (source
>code), they were not protected by the First Amendment. On April 15,   
1996, >Judge Patel rejected that argument and held for the first time   
that
>computer source code is protected speech for purposes of the First   
>Amendment.

...here Perl has the advantage of being a scripting language, and so by   
default comes as source, though if you had written the routines in a   
scripting langauge like Python, you might find it easier to convince a   
judge that it was in fact human readable...

 --
John "BTW IANAL" Lehmann