From: Robert Hettinga <rah@shipwright.com>
Date: Sat, 5 Dec 1998 08:14:11 +0800
To: cypherpunks@cyberpass.net
Subject: Re: FC: So far, I think Mr. Aarons' Wassenaar statement is  disinformation
Message-ID: <v04020a4db28e215d5a28@[139.167.130.246]>
MIME-Version: 1.0
Content-Type: text/plain




--- begin forwarded text


Date: Fri, 4 Dec 1998 18:19:58 -0500 (EST)
From: Peter F Cassidy <pcassidy@world.std.com>
To: Robert Hettinga <rah@shipwright.com>
Cc: dcsb@ai.mit.edu
Subject: Re: FC: So far, I think Mr. Aarons' Wassenaar statement is
disinformation
Mime-Version: 1.0
Sender: bounce-dcsb@ai.mit.edu
Precedence: bulk
Reply-To: Peter F Cassidy <pcassidy@world.std.com>



Friends,

In e-mail exchanges with EC ministers and government ministers in W.
European nations that I have had about Aarons one thing is consistent. All
seemed to be shocked and dismayed at his ability to report out facts to
the press in the US and to the Clinton Administration that have little to
do with actual events. It would not surprise any of them if Aarons'
unilaterally declared a 33 nation crypto-control agreement that was based
entirely on his baroque misunderstanding of the facts.

PFC


On Fri, 4 Dec 1998, Robert Hettinga wrote:

>
> --- begin forwarded text
>
>
> X-Sender: declan@mail.well.com
> Date: Fri, 04 Dec 1998 15:29:29 -0500
> To: politech@vorlon.mit.edu
> From: Declan McCullagh <declan@well.com>
> Subject: FC: So far, I think Mr. Aarons' Wassenaar statement is
>   disinformation
> Mime-Version: 1.0
> Sender: owner-politech@vorlon.mit.edu
> Reply-To: declan@well.com
> X-Loop: politech@vorlon.mit.edu
> X-URL: Politech is at http://www.well.com/~declan/politech/
>
> [John is basing his analysis below on what's been posted on the Wassenaar
> site so far, and these kinds of documents aren't always put online
> immediately. That said, if Ambassador Aaron is talking about the online
> documents and John's analysis is correct, the Clinton administration is
> going beyond mere spin: it is trying to deliberately deceive. --Declan]
>
> *********
>
> Subject: So far, I think Mr. Aarons' Wassenaar statement is disinformation
>
> Date: Fri, 04 Dec 1998 10:55:00 -0800
> From: John Gilmore <gnu@toad.com>
>
> I have not found a single confirmation of the Aarons statement that
> the 33 Wassenaar countries have agreed to change the exemption for
> mass market crypto software.  (The NY Times and Reuters stories both
> quote Ambassador Aarons.)
>
> This lack of confirmation includes the Wassenaar Arrangement statement
> itself, which merely says:
>
> 	The amendments to the lists included elimination of coverage of
> 	commonly available civil telecommunications equipment as well
> 	as the modernisation of encryption controls to keep pace with
> 	developing technology and electronic commerce, while also being
> 	mindful of security interests.
>
> 	http://www.wassenaar.org/docs/press_4.html
>
> The Wassenaar Arrangement works by consensus; any member can block the
> adoption of any item merely by voting against it.  The policy Aarons
> announced is directly contradictory to the recently reaffirmed
> government policies of Finland and Ireland.  In addition, Canada and
> Germany have recently stated strong pro-crypto positions (while
> waffling on the particular issue of the treatment of PD and MM
> software).
>
> The Wassenaar Arrangement also states:
>
> 	This arrangement will not be directed against
> 	any state or group of states and will not impede
> 	bona fide civil transactions.
>
> To the extent that there is any attempt in the Agreement to control
> mass market or public domain crypto software, such a provision
> would clearly contradict this limitation written into the Arrangement.
> The Arrangement is for military goods -- not for civilian goods.
> PGP and other civilian crypto tools are not military by any stretch
> of the imagination.  It's hard to imagine that all 33 countries would
> ignore this obvious problem, especially when it was pointed out to them
> by concerted lobbying over the last several months.
>
> I also note that none of the statements are clear about exactly what
> is affected.  PGP, SSH, SSLEAY, Linux IPSEC, and many other crypto
> tools are "public domain" rather than "mass market" software.  The
> General Software Note (originally from COCOM, and adopted bodily by
> Wassenaar when it was formed) exempted both "public domain" and "mass
> market" software from all controls.
>
> Finally, a companion paper released from Wassenaar yesterday shows a
> clear concern by the body for human rights and fundamental freedoms:
> http://www.wassenaar.org/docs/criteria.html:
>
> 	e.  Is there a clearly identifiable risk that the weapons might
> 	be used for the violation and suppression of human rights and
> 	fundamental freedoms?
>
> (In this case if the the Aarons statement was true, Wassenaar itself
> would be used for the violation and suppression of human rights and
> fundamental freedoms.  It's hard to see that the delegates would also
> ignore this and vote to suppress human rights and freedoms.)
>
> So, I see two major probabilities here:
>
> 	*  Either Aarons is lying, to see how much trouble this stirs up.
> 	This would be taking a page from FBI Director Freeh, who
> 	announced FBI support for domestic controls on crypto last year,
> 	and was then disavowed by the Administration when a ruckus
> 	resulted.
>
> 	*  Or the NSA has cut a deal with these countries.  Then the
> 	question is:  what did NSA offer in return?  The usual trade
> 	has been access to the flow of wiretaps (as in the UKUSA
> 	agreement that gives Britain, NZ, Australia, and Canada access
> 	to Echelon -- look who the strongest supporters of the US position
> 	are).  Another alternative is that they used wiretaps to
> 	blackmail senior politicians in the recalcitrant countries.
> 	(It happened in the US by J. Edgar Hoover for many years.)
>
> Do either of you have any info that would tend to confirm or deny
> one of these theories?
>
> EFF and the GILC members are checking with various governments to
> start to flesh out what *actually* happened.
>
> I should also note that developments like this are rather expectable.
> Every time crypto policies get decided in a closed-door meeting where
> the US government is invited, they get worse.  Whenever crypto
> policies are set in open meetings where the public and the press are
> able to watch -- or even, god forbid, participate -- they get better.
> The OECD meetings of a few years ago were intended to be the first,
> but citizens and journalists swarmed the meeting site, buttonholed
> delegates as they entered and left, and turned it into the second.  We
> should've done the same with this Wassenaar meeting.
>
> US civil libertarians are prying crypto policy decisions into the
> light of day via the courts and the Freedom of Information Act.
> Classified NSA/FBI testimony to Congress is getting declassified, and
> then its obvious lies are easily rebutted by the public.
>
> The natural response of a bureacracy that is more concerned with its
> own power to wiretap, than with making the right decisions for its
> citizens, is to move its crypto maneuvering overseas into "diplomatic
> meetings", held under cover of diplomatic secrecy, where they can lie
> and twist arms with impunity.
>
> 	John
>
>
> --------------------------------------------------------------------------
> POLITECH -- the moderated mailing list of politics and technology
> To subscribe: send a message to majordomo@vorlon.mit.edu with this text:
> subscribe politech
> More information is at http://www.well.com/~declan/politech/
> --------------------------------------------------------------------------
>
> --- end forwarded text
>
>
> -----------------
> Robert A. Hettinga <mailto: rah@philodox.com>
> Philodox Financial Technology Evangelism <http://www.philodox.com/>
> 44 Farquhar Street, Boston, MA 02131 USA
> "... however it may deserve respect for its usefulness and antiquity,
> [predicting the end of the world] has not been found agreeable to
> experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
>
> For help on using this list (especially unsubscribing), send a message to
> "dcsb-request@ai.mit.edu" with one line of text: "help".
>


For help on using this list (especially unsubscribing), send a message to
"dcsb-request@ai.mit.edu" with one line of text: "help".

--- end forwarded text


-----------------
Robert A. Hettinga <mailto: rah@philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'