Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS

67 views
Skip to first unread message

Stanton McCandlish

unread,
Feb 21, 1995, 11:17:26 PM2/21/95
to
EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
First Amendment Protects Information about Privacy Technologies

February 21, 1995
San Mateo, California

In a move aimed at expanding the growth and spread of privacy and
security technologies, the Electronic Frontier Foundation is sponsoring a
federal lawsuit filed today seeking to bar the government from restricting
publication of cryptographic documents and software. EFF argues that
the export-control laws, both on their face and as applied to users of
cryptographic materials, are unconstitutional.

Cryptography, defined as "the science and study of secret writing,"
concerns the ways in which communications and data can be encoded to
prevent disclosure of their contents through eavesdropping or message
interception. Although the science of cryptography is very old, the
desktop-computer revolution has made it possible for cryptographic
techniques to become widely used and accessible to nonexperts.

EFF believes that cryptography is central to the preservation of
privacy and security in an increasingly computerized and networked
world. Many of the privacy and security violations alleged in the
Kevin Mitnick case, such as the theft of credit card numbers, the
reading of other peoples' electronic mail, and the hijacking of other
peoples' computer accounts, could have been prevented by widespread
deployment of this technology. The U.S. government has opposed such
deployment, fearing that its citizens will be private and secure from
the government as well as from other vandals.

The plaintiff in the suit is a graduate student in Mathematics at the
University of California at Berkeley named Dan Bernstein. Bernstein
developed an encryption equation, or algorithm, and wishes to publish the
algorithm, a mathematical paper that describes and explains the algorithm,
and a computer program that runs the algorithm. Bernstein also
wishes to discuss these items at mathematical conferences and other open,
public meetings.

The problem is that the government currently treats cryptographic software
as if it were a physical weapon and highly regulates its dissemination. Any
individual or company who wants to export such software -- or to publish
on the Internet any "technical data" such as papers describing encryption
software or algorithms -- must first obtain a license from the State
Department. Under the terms of this license, each recipient of the licensed
software or information must be tracked and reported to the government.
Penalties can be pretty stiff -- ten years in jail, a million dollar
criminal fine, plus civil fines. This legal scheme effectively prevents
individuals from engaging in otherwise legal communications about encryption.

The lawsuit challenges the export-control scheme as an ``impermissible
prior restraint on speech, in violation of the First Amendment.''
Software and its associated documentation, the plaintiff contends, are
published, not manufactured; they are Constitutionally protected works of
human-to-human communication, like a movie, a book, or a telephone
conversation. These communications cannot be suppressed by the government
except under very narrow conditions -- conditions that are not met by the
vague and overbroad export-control laws. In denying people the right to
publish such information freely, these laws, regulations, and procedures
unconstitutionally abridge the right to speak, to publish, to associate
with others, and to engage in academic inquiry and study. They also have
the effect of restricting the availability of a means for individuals to
protect their privacy, which is also a Constitutionally protected interest.

More specifically, the current export control process:

* allows bureaucrats to restrict publication without ever going to court;

* provides too few procedural safeguards for First Amendment rights;

* requires publishers to register with the government, creating in
effect a "licensed press";

* disallows general publication by requiring recipients to be
individually identified;

* is sufficiently vague that ordinary people cannot know what conduct
is allowed and what conduct is prohibited;

* is overbroad because it prohibits conduct that is clearly protected
(such as speaking to foreigners within the United States);

* is applied overbroadly, by prohibiting export of software that
contains no cryptography, on the theory that cryptography could be added
to it later;

* egregiously violates the First Amendment by prohibiting private
speech on cryptography because the government wishes its own opinions
on cryptography to guide the public instead; and

* exceeds the authority granted by Congress in the export control laws
in many ways, as well as exceeding the authority granted by the
Constitution.

If this suit is successful in its challenge of the export-control laws, it
will clear the way for cryptographic software to be treated like any other
kind of software. This will allow companies such as Microsoft, Apple,
IBM, and Sun to build high-quality security and privacy protection into
their operating systems. It will also allow computer and network users,
including those who use the Internet, much more freedom to build and
exchange their own solutions to these problems, such as the freely
available PGP encryption program. And it will enable the next generation
of Internet protocols to come with built-in cryptographic security and
privacy, replacing a sagging part of today's Internet infrastructure.

Lead attorney on the case is Cindy Cohn, of McGlashan and Sarrail in San
Mateo, CA, who is offering her services pro-bono. Major assistance has
been provided by Shari Steele, EFF staff; John Gilmore, EFF Board; and Lee
Tien, counsel to John Gilmore. EFF is organizing and supporting the case
and paying the expenses.

Civil Action No. C95-0582-MHP was filed today in Federal District
Court for the Northern District of California. EFF anticipates that
the case will take several years to win. If the past is any guide,
the government will use every trick and every procedural delaying
tactic available to avoid having a court look at the real issues.
Nevertheless, EFF remains firmly committed to this long term project.
We are confident that, once a court examines the issues on the merits,
the government will be shown to be violating the Constitution, and
that its attempts to restrict both freedom of speech and privacy will
be shown to have no place in an open society.

Full text of the lawsuit and other paperwork filed in the case is available
from the EFF's online archives. The exhibits which contain cryptographic
information are not available online, because making them publicly available
on the Internet could be considered an illegal export until the law is struck
down. We are still uploading some of the documents, including the main
complaint, so please try again later if what you want isn't there yet. See:

http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/
ftp.eff.org, /pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/
gopher.eff.org, 1/EFF/Policy/Crypto/ITAR_export/Bernstein_case

Press contact: Shari Steele, EFF: sst...@eff.org, +1 202 861 7700.

For further reading, we suggest:

The Government's Classification of Private Ideas: Hearings Before a
Subcomm. of the House Comm. on Government Operations, 96th Cong., 2d
Sess. (1980)

John Harmon, Assistant Attorney General, Office of Legal Counsel,
Department of Justice, Memorandum to Dr. Frank Press, Science Advisor to
the President, Re: Constitutionality Under the First Amendment of ITAR
Restrictions on Public Cryptography (May 11, 1978). [Included in the
above Hearings; also online as http://www.eff.org/pub/EFF/Policy/Crypto/
ITAR_export/ITAR_FOIA/itar_hr_govop_hearing.transcript].

Alexander, Preserving High-Tech Secrets: National Security Controls on
University Research and Teaching, 15 Law & Policy in Int'l Business 173
(1983)

Cheh, Government Control of Private Ideas-Striking a Balance Between
Scientific Freedom and National Security, 23 Jurimetrics J. 1 (1982)

Funk, National Security Controls on the Dissemination of Privately
Generated Scientific Information, 30 U.C.L.A. L. Rev. 405 (1982)

Pierce, Public Cryptography, Arms Export Controls, and the First
Amendment: A Need for Legislation, 17 Cornell Int'l L. J. 197 (1984)

Rindskopf and Brown, Jr., Scientific and Technological Information and
the Exigencies of Our Period, 26 Wm. & Mary L. Rev. 909 (1985)

Ramirez, The Balance of Interests Between National Security Controls and
First Amendment Interests in Academic Freedom, 13 J. Coll. & U. Law 179
(1986)

Shinn, The First Amendment and the Export Laws: Free Speech on
Scientific and Technical Matters, 58 Geo. W. L. Rev. 368 (1990)

Neuborne and Shapiro, The Nylon Curtain: America's National Border and
the Free Flow of Ideas, 26 Wm. & Mary L. Rev. 719 (1985)

Greenstein, National Security Controls on Scientific Information, 23
Jurimetrics J. 50 (1982)

Sullivan and Bader, The Application of Export Control Laws to Scientific
Research at Universities, 9 J. Coll. & U. Law 451 (1982)

Wilson, National Security Control of Technological Information, 25
Jurimetrics J. 109 (1985)

Kahn, The Codebreakers: The Story of Secret Writing. New York:
Macmillan (1967) [Great background on cryptography
and its history.]

Relyea, Silencing Science: national security controls and scientific
communication, Congressional Research Service. Norwood, NJ:
Ablex Publishing Corp. (1994)

John Gilmore, Crypto Export Control Archives, online at
http://www.cygnus.com/~gnu/export.html

EFF Crypto Export Control Archives, online at
ftp.eff.org, /pub/EFF/Policy/Crypto/ITAR_export/
gopher.eff.org, 1/EFF/Policy/Crypto/ITAR_export
http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/


--
<A HREF="http://www.eff.org/~mech/"> Stanton McCandlish
</A><HR><A HREF="mailto:me...@eff.org"> me...@eff.org
</A><P><A HREF="http://www.eff.org/"> Electronic Frontier Foundation
</A><P><A HREF="http://www.eff.org/1.html"> Online Services Mgr. </A>

Christian F. Goetze

unread,
Feb 22, 1995, 3:34:26 AM2/22/95
to
Great work!

But one thing I don't understand is why software producers don't simply
provide hooks for PGP? PGP is readily available outside the US (I had
no trouble getting it in japan) and a well-crafted tool. Is providing
hooks without actually providing the software already a violation of
the export restrictions?
--

<A HREF="http://www.u-aizu.ac.jp/brochure/SW/c-goetze.html">cg</A>

Bruce Umbaugh

unread,
Feb 22, 1995, 10:11:35 AM2/22/95
to
Stanton McCandlish (me...@eff.org) wrote:
: EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
: First Amendment Protects Information about Privacy Technologies

: February 21, 1995
: San Mateo, California

: In a move aimed at expanding the growth and spread of privacy and
: security technologies, the Electronic Frontier Foundation is sponsoring a
: federal lawsuit filed today seeking to bar the government from restricting
: publication of cryptographic documents and software. EFF argues that
: the export-control laws, both on their face and as applied to users of
: cryptographic materials, are unconstitutional.

[snip]

Way to go, EFF!

As we all know, this is going to be a loooonnnng and difficult fight. I
wish you all the best in this important struggle, and will be sending
modest financial support forthwith.

Most of all, I look forward to following such a significant case to its
completion, and being able to tell my students, "I remember when . . . ."

--Bruce

Bruce Umbaugh
Philosophy Department
Webster University
St. Louis, Missouri 63119 USA

David Sternlight

unread,
Feb 22, 1995, 1:15:15 PM2/22/95
to
In article <1995022204...@eff.org>,
Stanton McCandlish <me...@eff.org> wrote:

Oy, Stanton, there you go again--just when I was becoming one of your fans
over the CoS matter.

I'll leave as an exercise for the reader the spotting of the many attempts
at mind-reading and imputation of motives in the document.

The sad thing is that the document and the lawsuit is basically a very good
one and most of the material is on point.

Can't you guys control your emotions when you're writing press releases--it
does lead to the occasional bullet heading for the toe in that it loses you
some reasonable and rational non-partisans who might ordinarily be useful
allies.

The basic idea of the lawsuit--that software is published, not manufactured,
is an interesting one. I don't know if it will succeed, but it certainly
produces an interesting case if a judge doesn't throw it out immediately on
the basis that that fundamental assumption is legally flawed.

Have you checked with some of the bigger Microsofts (TM) on the block, to
see if their interests would make them allies in supporting the notion of
publish vs. manufacture, or if you're going to get cross-wise to them since
manufacture has certain legal trade secret protections publish does not, I
speculate? In addition, those who would support software patents are, I
argue, likely to like "manufacture" and hate "publish."

You may be goring big enough oxen with this through the law of unintended
consequences that in the end it will fail because you will create rich,
well-lawyered adversaries (other than the Feds) you force to take the other
side.

Interesting.

David


J. S. Greenfield

unread,
Feb 22, 1995, 1:21:20 PM2/22/95
to
In article <1995022204...@eff.org> me...@eff.org (Stanton McCandlish) writes:
> EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
> First Amendment Protects Information about Privacy Technologies

[...]

>The plaintiff in the suit is a graduate student in Mathematics at the
>University of California at Berkeley named Dan Bernstein. Bernstein
>developed an encryption equation, or algorithm, and wishes to publish the
>algorithm, a mathematical paper that describes and explains the algorithm,
>and a computer program that runs the algorithm. Bernstein also
>wishes to discuss these items at mathematical conferences and other open,
>public meetings.

I presume that a decision was specifically made to *make* this a test case,
right? After all, haven't cryptographers been publishing their results
(prior to getting slapped with a secrecy order) for decades now, with
impunity?

In any case, I applaud the move, even if Dan and I cannot agree about
software patents. :) It's about time.


[...]

>More specifically, the current export control process:

[...]

> * is applied overbroadly, by prohibiting export of software that
> contains no cryptography, on the theory that cryptography could be added
> to it later;

I'd be interested in knowing more about this, since I've been developing
a library that has been planned for likely export, and which uses RSAREF
2.0 (or code conforming to that interface) as a plug-in, containing the
actual cryptographic routines.


> * egregiously violates the First Amendment by prohibiting private
> speech on cryptography because the government wishes its own opinions
> on cryptography to guide the public instead; and

Who has put forth this interpretation? I certainly haven't heard of
any agency claim such, let alone heard of any relevant legal action
taken against somebody for such.

If this were truly the case, this thread (not to mention a hell of a lot of
other discussion on Usenet and elsewhere) could serve as a test case, in
and of itself!


--
J. S. Greenfield gre...@thelair.zynet.com
(So what were you expecting?
A Gorilla?!) "What's the difference between an orange?"

John Kasdan

unread,
Feb 22, 1995, 2:23:00 PM2/22/95
to

In article <1995022204...@eff.org>,
Stanton McCandlish <me...@eff.org> wrote:
> EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
> First Amendment Protects Information about Privacy Technologies
>
>February 21, 1995
>San Mateo, California
>
>In a move aimed at expanding the growth and spread of privacy and
>security technologies, the Electronic Frontier Foundation is sponsoring a
>federal lawsuit filed today seeking to bar the government from restricting
>publication of cryptographic documents and software. EFF argues that
>the export-control laws, both on their face and as applied to users of
>cryptographic materials, are unconstitutional.
>

Good! About time that someone challenged this part of the ITAR.
........

>
>The plaintiff in the suit is a graduate student in Mathematics at the
>University of California at Berkeley named Dan Bernstein. Bernstein
>developed an encryption equation, or algorithm, and wishes to publish the
>algorithm, a mathematical paper that describes and explains the algorithm,
>and a computer program that runs the algorithm. Bernstein also
>wishes to discuss these items at mathematical conferences and other open,
>public meetings.
>

I see that Dan has some time left over from all that factoring.

>The problem is that the government currently treats cryptographic software
>as if it were a physical weapon and highly regulates its dissemination. Any
>individual or company who wants to export such software -- or to publish
>on the Internet any "technical data" such as papers describing encryption
>software or algorithms -- must first obtain a license from the State
>Department. Under the terms of this license, each recipient of the licensed
>software or information must be tracked and reported to the government.
>Penalties can be pretty stiff -- ten years in jail, a million dollar
>criminal fine, plus civil fines. This legal scheme effectively prevents
>individuals from engaging in otherwise legal communications about encryption.
>

Isn't this a bit of overstatement? As I understand it, all that you
_can't_ post is actual code which implements the algorithm.
Descriptions, including pseudo-code, have been posted for, among
others, RSA,DES,RC5 (and even code for RC4, although that's a
different story) without being challenged. And remember, "technical
data," as the term is used in the ITAR, is a term of art and is
defined so as to exclude compilable software.

....

>Full text of the lawsuit and other paperwork filed in the case is available
>from the EFF's online archives. The exhibits which contain cryptographic
>information are not available online, because making them publicly available
>on the Internet could be considered an illegal export until the law is struck
>down. We are still uploading some of the documents, including the main
>complaint, so please try again later if what you want isn't there yet. See:
>

Same comments as above. However, Well Done!

><A HREF="http://www.eff.org/~mech/"> Stanton McCandlish
></A><HR><A HREF="mailto:me...@eff.org"> me...@eff.org
></A><P><A HREF="http://www.eff.org/"> Electronic Frontier Foundation
></A><P><A HREF="http://www.eff.org/1.html"> Online Services Mgr. </A>

/JK


Gary McGath

unread,
Feb 22, 1995, 7:46:53 AM2/22/95
to
In article <1995022204...@eff.org>, me...@eff.org (Stanton
McCandlish) wrote:

> In a move aimed at expanding the growth and spread of privacy and
> security technologies, the Electronic Frontier Foundation is sponsoring a
> federal lawsuit filed today seeking to bar the government from restricting
> publication of cryptographic documents and software. EFF argues that
> the export-control laws, both on their face and as applied to users of
> cryptographic materials, are unconstitutional.

Sounds great -- it could almost make up for EFF supporting the wiretap
bill! I'll look at the materials and, if I like what I see, send in money
in support of this effort.

--
Gary McGath
gmc...@condes.mv.com
PGP Signature: 3E B3 62 C8 F8 9E E9 3A 67 E7 71 99 71 BD FA 29

William Unruh

unread,
Feb 22, 1995, 6:03:16 PM2/22/95
to
me...@eff.org (Stanton McCandlish) writes:

> EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
> First Amendment Protects Information about Privacy Technologies

<long post>

Let me just wish you the best of luck and good fortune. I'm definitely rooting for
you.
--
Bill Unruh
un...@physics.ubc.ca

Stanton McCandlish

unread,
Feb 22, 1995, 7:30:48 PM2/22/95
to
In article <gmcgath-2202...@condes.mv.com>,

Gary McGath <gmc...@condes.mv.com> wrote:
>In article <1995022204...@eff.org>, me...@eff.org (Stanton
>McCandlish) wrote:
>
>> In a move aimed at expanding the growth and spread of privacy and
>> security technologies, the Electronic Frontier Foundation is sponsoring a
>> federal lawsuit filed today seeking to bar the government from restricting
>> publication of cryptographic documents and software. EFF argues that
>> the export-control laws, both on their face and as applied to users of
>> cryptographic materials, are unconstitutional.
>
>Sounds great -- it could almost make up for EFF supporting the wiretap
>bill! I'll look at the materials and, if I like what I see, send in money
>in support of this effort.

EFF did not support the Digital Telephony bill. We opposed the entire
raison d'etre of the thing, and strongly opposed (and killed a whole lot
of) the FBI language in the bill. We did support the pro-privacy
sections of the bill and fought pretty hard to get a right of public
review of and participation in the FBI stuff. We're sorry we couldn't
just kill the entire thing on the spot, but that wasn't the way it was
going to work this time. We don't have 100,000 members and a billion
dollars to throw at lobbying. :) Even if we DID, and could do so under
the IRS regs which we couldn't, it still probably wouldn't have worked.
Very very few Congressfolks are willing to vote against a law-n-order
bill because it will seriously harm their chances for re-election.
Pretty lame, but that's reality.

ANYWAY: Even if you don't support EFF's other steps and actions, if you
wish to contribute to this specific effort, you can earmark your donation
or even membership fees for the Bernstein case and the Bernstein case
alone (or anything else as you wish) and our Finance Director will mark
those as restricted funds. Any support you can offer will be
appreciated, and far more importantly, very helpful to the case, since it
will be expensive, and probably will take well over a year, if not two,
to see to completion. This is a big one.

Stanton McCandlish

unread,
Feb 22, 1995, 7:34:36 PM2/22/95
to
In article <3ifk77$5...@crl9.crl.com>, Bruce Umbaugh <bumb...@crl.com> wrote:
>
>Way to go, EFF!
>
>As we all know, this is going to be a loooonnnng and difficult fight. I
>wish you all the best in this important struggle, and will be sending
>modest financial support forthwith.
>
>Most of all, I look forward to following such a significant case to its
>completion, and being able to tell my students, "I remember when . . . ."

Thanks much. Your funds will surely help - this will indeed be a long
fight - we expect the DoS, et al. to use everything they have to try to
break this case, every tactic, every prevarication and excuse, every
strategy for dawdling and obfuscation at their disposal. (See previous
attempts by NSA to get out of FOIA lawsuits - they'll even directly
violate FOIA.)

Stanton McCandlish

unread,
Feb 22, 1995, 8:43:45 PM2/22/95
to
In article <C-GOETZE.95...@pross89.u-aizu.ac.jp>,


To my knowledge this has not been tested in court, but as I think either
our release or the case docs state (I misremember right off hand, I've
read so much legalese the last few days...), the "technical data"
restrictions in ITAR do appear to be overly general and broad enough to
prohibit such software hooks.

Even if it didn't, the principle of the things is still important, as is
the fact that ITAR going down makes any Clipper-type schemes much more
difficult to implement w/o the big stick of export restrictions to whack
software publishers with. Also, few but hardcore techies can install the
proper software into such hooks, and this defeats the goal of widespread,
affordable and usable encryption for the masses.

Stanton McCandlish

unread,
Feb 22, 1995, 8:45:31 PM2/22/95
to
In article <strnlghtD...@netcom.com>,

David Sternlight <da...@sternlight.com> wrote:
>In article <1995022204...@eff.org>,
>Stanton McCandlish <me...@eff.org> wrote:
>
>Oy, Stanton, there you go again--just when I was becoming one of your fans
>over the CoS matter.
>
>I'll leave as an exercise for the reader the spotting of the many attempts
>at mind-reading and imputation of motives in the document.

No mind reading is necessary - various agencies of this government have
stated quite plainly what ITAR is for, why they want it there, why they
want Clipper, why they fear private sector crypto, etc. One Exec. branch
agency went so far as to bluntly state that the purpose of the ITAR
crypto restrictions was to retard the growth of a private sector crypto
market. There is no guesswork here.

>The sad thing is that the document and the lawsuit is basically a very good
>one and most of the material is on point.
>
>
>Can't you guys control your emotions when you're writing press releases--it
>does lead to the occasional bullet heading for the toe in that it loses you
>some reasonable and rational non-partisans who might ordinarily be useful
>allies.

I didn't write it, but will fwd your comments to the authors. I thought it
was pretty reasonable, but then again, I'm on this side of the glass...

>The basic idea of the lawsuit--that software is published, not manufactured,
>is an interesting one. I don't know if it will succeed, but it certainly
>produces an interesting case if a judge doesn't throw it out immediately on
>the basis that that fundamental assumption is legally flawed.

This is not at all the basic idea of the lawsuit. Books are also
manufactured, as are cassette tapes. And of course they are authored and
published at the same time. I don't think there's a author/publish v.
manufacture dichotomy here. The First Amendment protects manufactured
works of expression, even those that are not "expression" or "speech" as we
usually think of them (e.g. a Windows printer driver). The basic idea of
the lawsuit is that software is in fact published, period, whether or not
it is manufactured also. As a published item a piece of software is
protected by 1A, unless it's kiddie porn or threatens the President's
life or something equally directly illegal (and crypto is not illegal).

>Have you checked with some of the bigger Microsofts (TM) on the block, to

Of course. MS and other Big Guns in the software and computing worlds
have been with us on the crypto export fight right from the start. See
any file with the string "dpswg" in the filename at ftp.eff.org,
/pub/EFF/Policy/Crypto/ and subdirectories (they all have a list of the
members of our Digital Privacy and Security Working Group at the end of
the file. This list includes MS, Apple, Business Software Alliance, IBM,
IIA, ITAA, Iris, CBEMA, Lotus, IEEE, Oracle, Prodigy, Sun, TIA, TIS,
Hewlett-Packard, and DEC among others; I think the most telling member
of the DiPSWiG is the Software Publishers Association [!] - no one is
more adamant about software *publishers'* intellectual property rights).

>see if their interests would make them allies in supporting the notion of
>publish vs. manufacture, or if you're going to get cross-wise to them since
>manufacture has certain legal trade secret protections publish does not, I
>speculate? In addition, those who would support software patents are, I
>argue, likely to like "manufacture" and hate "publish."

I don't think so - "publish" is something of a buzzword in the software
world already. The thing is, there's no opposition among the many forms
of intellectual property protection, or between them and the Bill or Rights.
This is why CoS can claim both trade secret and copyright on their documents,
as well as freedom of speech and religion if anyone said they could not
publish these works. They are perhaps not a good example of what to DO with
one's int. prop. rights, but adequate as a demonstration of the fact that
multiple int. prop. rights and civil liberties can adhere all at once.
Likewise, if I design a new logo for EFF, we could both trademark and
copyright it, as well as exercize a right to display that logo on our
WWW page or our letterhead. [Addendum: there are SOME conflicts between
various int. prop. rights, but none of them are relevant here. I don't
mean to imply there are none, just none that apply in this case, far as
I can tell.]

>You may be goring big enough oxen with this through the law of unintended
>consequences that in the end it will fail because you will create rich,
>well-lawyered adversaries (other than the Feds) you force to take the other
>side.

We've heard no objections yet, and last I heard, the software publishers
we've been involved with have been chomping at the bit to tear down the
ITAR crypto restrictions because they're costing the publishers a fortune
and keeping them out of a potentially vast market.

>Interesting.

Yes, definitely, and I have no doubt that a lot of conflicts about
various sorts of int. prop. rights and other rights are arising and will
continue to appear, but we don't think this case will be directly
affected by them. Anyway, I don't mean to belittle your arg - I think
it's pretty sound in a lot of ways, and a few people down the line probably
will object (e.g. some software companies that make a lot of money rather
dishonestly with submarine patents, and who don't know about and don't
care about security software.) But most of the big players are very hot
on this crypto topic, so they can offer secure software, in one version
worldwide. Add to this "make our wordprocessor do encryption" desire the
recent trend to integrate Internet stuff, and the growing user/customer
(esp. corporate, $$ customer) concern about Internet security, and you've
got a pretty good reason, whether you are Symantec or MS or Apple or Sun or
Lotus, to take very minor risks to one form of intprop (presuming there
are any, which I'm not convinced of) in return for very probable huge
profits.

Stanton McCandlish

unread,
Feb 22, 1995, 8:52:19 PM2/22/95
to
In article <3ifvb0$h...@newshost.lanl.gov>,

J. S. Greenfield <gre...@lanl.gov> wrote:
>In article <1995022204...@eff.org> me...@eff.org (Stanton McCandlish) writes:
>> EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
>> First Amendment Protects Information about Privacy Technologies
>
>[...]
>
>>The plaintiff in the suit is a graduate student in Mathematics at the
>>University of California at Berkeley named Dan Bernstein. Bernstein
>>developed an encryption equation, or algorithm, and wishes to publish the
>>algorithm, a mathematical paper that describes and explains the algorithm,
>>and a computer program that runs the algorithm. Bernstein also
>>wishes to discuss these items at mathematical conferences and other open,
>>public meetings.
>
>I presume that a decision was specifically made to *make* this a test case,
>right? After all, haven't cryptographers been publishing their results
>(prior to getting slapped with a secrecy order) for decades now, with
>impunity?

Yes, specifically because Mr. Bernstein HAS be "slapped" by the
department of state. Other cases would also be good, but this one's here
and it's now. Another one that I hope is pursued, either by EFF at some
point, or others, if necessary, is the Karn/Schneier export denial.

[the "technical data restrictions"]

>I'd be interested in knowing more about this, since I've been developing
>a library that has been planned for likely export, and which uses RSAREF
>2.0 (or code conforming to that interface) as a plug-in, containing the
>actual cryptographic routines.

See a prev. message in this thread on that very subject.

>> * egregiously violates the First Amendment by prohibiting private
>> speech on cryptography because the government wishes its own opinions
>> on cryptography to guide the public instead; and
>
>Who has put forth this interpretation? I certainly haven't heard of
>any agency claim such, let alone heard of any relevant legal action
>taken against somebody for such.

A White House legal office for one (said it was unconstitutional), and
another Exec. branch agency stated that ITAR's purpose was to retard the
growth of a private crypto market. Most of the relevant stuff should be
in subdirectories of ftp.eff.org, /pub/EFF/Legal/Cases, such as
Gilmore_v_NSA. I'm not sure of the exact files - there's a lot of
material there.

>If this were truly the case, this thread (not to mention a hell of a lot of
>other discussion on Usenet and elsewhere) could serve as a test case, in
>and of itself!

What was meant in this context was private speech on cryptography of a
technical nature - e.g. the "technical data" and specific algorithms, etc.
Private speech nonetheless, and protected under 1A.

Stanton McCandlish

unread,
Feb 22, 1995, 8:57:17 PM2/22/95
to
In article <3ig2uk$h...@shadow.cs.columbia.edu>,
John Kasdan <kas...@news.cs.columbia.edu> wrote:

>>The problem is that the government currently treats cryptographic software
>>as if it were a physical weapon and highly regulates its dissemination. Any
>>individual or company who wants to export such software -- or to publish
>>on the Internet any "technical data" such as papers describing encryption
>>software or algorithms -- must first obtain a license from the State
>>Department. Under the terms of this license, each recipient of the licensed
>>software or information must be tracked and reported to the government.
>>Penalties can be pretty stiff -- ten years in jail, a million dollar
>>criminal fine, plus civil fines. This legal scheme effectively prevents
>>individuals from engaging in otherwise legal communications about encryption.
>>
>
>Isn't this a bit of overstatement? As I understand it, all that you
>_can't_ post is actual code which implements the algorithm.

Which is otherwise legal communications about encryption.

>Descriptions, including pseudo-code, have been posted for, among
>others, RSA,DES,RC5 (and even code for RC4, although that's a
>different story) without being challenged. And remember, "technical

We didn't mean to imply *all* otherwise legal communications about
encryption, just some. Some is enough to make the case worthwhile. :)

>data," as the term is used in the ITAR, is a term of art and is
>defined so as to exclude compilable software.

AFAIK none of the "technical data" stuff has ever been tested in court,
at least in a relevant manner. There's no telling what this would or
could restrict and in what way until then, becaues it is overly broad and
vague.

>
>....
>
>>Full text of the lawsuit and other paperwork filed in the case is available
>>from the EFF's online archives. The exhibits which contain cryptographic
>>information are not available online, because making them publicly available
>>on the Internet could be considered an illegal export until the law is struck
>>down. We are still uploading some of the documents, including the main
>>complaint, so please try again later if what you want isn't there yet. See:
>>
>
>Same comments as above. However, Well Done!

Source code in "machine readable format" (i.e. not on paper...I guess the
US govt.'s never heard of scanners...) has been denied export, in the
Karn/Schneier _Applied_Cryptography_ CJ case.

--

charliemerritt

unread,
Feb 22, 1995, 9:08:12 PM2/22/95
to
I wonder what this law suit would mean if Zimmermann is
charged. Can his lawyer say "Your Honor: the legality
of the law is currently under litigation......" ???
Would this put a trial on hold? Any lawyers around?

David Sternlight

unread,
Feb 22, 1995, 11:27:29 PM2/22/95
to
In article <3igpbr$i...@eff.org>, Stanton McCandlish <me...@eff.org> wrote:
>In article <strnlghtD...@netcom.com>,
>David Sternlight <da...@sternlight.com> wrote:

<omitted>

On the basis of your assertion that "publish" does not preclude
"manufacture" and that arguing software is published and thus subject to the
related protections does not preclude the trade secret and patent
protections available to manufactures (whatever they are and whether one
agrees with them or not), I'm with you on this one.

David

Lawrence Garfield

unread,
Feb 23, 1995, 12:20:47 AM2/23/95
to
From: David Sternlight <strn...@netcom.com>
Reply to: David Sternlight <da...@sternlight.com>

> In addition, those who would support software patents are, I
>argue, likely to like "manufacture" and hate "publish."

That's why it's the Software Manufacturers (sic) Association, right?

elgar

Graham Toal

unread,
Feb 23, 1995, 12:53:35 AM2/23/95
to
rei...@kruppel.molbio.mssm.edu (John Reinitz) wrote:
> As an EFF member who was very displeased with EFF's handling of digital
> telephony, I'd just like to say:
>
> This is great! *Exactly* what the EFF ought to be doing. Best of
> luck to you guys!

Things have certainly improved since the firing of Berman, but I
don't know if I'm ready to come back yet. I'm disappointed they
showed no interest in AA BBS until *after* they were jailed, and
it will take a *long* time for me to forgive the DT sellout.

G

Andrew Bulhak

unread,
Feb 23, 1995, 4:44:12 AM2/23/95
to
John Reinitz (rei...@kruppel.molbio.mssm.edu) wrote:
: In article <1995022204...@eff.org>,
: Stanton McCandlish <me...@eff.org> wrote:
: > EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
: > First Amendment Protects Information about Privacy Technologies
: >
: >February 21, 1995
: >San Mateo, California
: >
: >In a move aimed at expanding the growth and spread of privacy and
: >security technologies, the Electronic Frontier Foundation is sponsoring a
: >federal lawsuit filed today seeking to bar the government from restricting
: >publication of cryptographic documents and software. EFF argues that
: >the export-control laws, both on their face and as applied to users of
: >cryptographic materials, are unconstitutional.

: As an EFF member who was very displeased with EFF's handling of digital


: telephony, I'd just like to say:

: This is great! *Exactly* what the EFF ought to be doing. Best of
: luck to you guys!

I echo this sentiment. This is what the EFF should be doing. Keep it up.

This, however, could have considerable industry support (from companies
in, or wishing to enter, the cryptography business). The thing to see is
what will the EFF do about issues with less industry support (such as
S.314). Digital Telephony is a rather unpleasant precedent.

--
A n d r e w B u l h a k |
a...@yoyo.cc.monash.edu.au | "Andrew is well versed in mind control arts.
a...@molly.cs.monash.edu.au | Else, I would have less to do with him."
WS(tm) license #3.2774 | -- Wednesday <wedn...@tezcat.com>

Christian F. Goetze

unread,
Feb 23, 1995, 4:56:06 AM2/23/95
to
In article <3igp8h$h...@eff.org> me...@eff.org (Stanton McCandlish) writes:

[...] Also, few but hardcore techies can install the

proper software into such hooks, and this defeats the goal of widespread,
affordable and usable encryption for the masses.

Yeah! Job security!

John Reinitz

unread,
Feb 22, 1995, 12:21:50 PM2/22/95
to
In article <1995022204...@eff.org>,
Stanton McCandlish <me...@eff.org> wrote:
> EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
> First Amendment Protects Information about Privacy Technologies
>
>February 21, 1995
>San Mateo, California
>
>In a move aimed at expanding the growth and spread of privacy and
>security technologies, the Electronic Frontier Foundation is sponsoring a
>federal lawsuit filed today seeking to bar the government from restricting
>publication of cryptographic documents and software. EFF argues that
>the export-control laws, both on their face and as applied to users of
>cryptographic materials, are unconstitutional.

As an EFF member who was very displeased with EFF's handling of digital


telephony, I'd just like to say:

This is great! *Exactly* what the EFF ought to be doing. Best of
luck to you guys!

And our own Dan Bernstein as a test case, too!

---
John Reinitz <rei...@kruppel.molbio.mssm.edu> v:212-241-1952 f:212-860-9279
USnail: Brookdale Center for Molecular Bio., Box 1126 Mt. Sinai Med. School,
One Gustave L. Levy Place, NYC, NY 10029 USA. I don't speak for/from Mt. Sinai.
email me for pgp 2.3a public key; k.f. = D7C9356AEBF0F04BDE380BBB3DB84E5E

Mike McNally

unread,
Feb 23, 1995, 9:16:47 AM2/23/95
to
c-go...@u-aizu.ac.jp (Christian F. Goetze) writes:
>Is providing
>hooks without actually providing the software already a violation of
>the export restrictions?

My experience is that "providing hooks" is indeed a violation. If you
go to the State department (or is it the Commerce department? I'm not
sure) and you say you'd like to export a product that has no embedded
cryptosystems but which supports an add-on API for encryption, they'll
say "No".


--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m...@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Message has been deleted

Stanton McCandlish

unread,
Feb 23, 1995, 1:08:05 PM2/23/95
to
In article <3ihldc$f...@harbinger.cc.monash.edu.au>,
Andrew Bulhak <a...@yoyo.cc.monash.edu.au> wrote:

>John Reinitz (rei...@kruppel.molbio.mssm.edu) wrote:
>: This is great! *Exactly* what the EFF ought to be doing. Best of
>: luck to you guys!
>
>I echo this sentiment. This is what the EFF should be doing. Keep it up.
>
>This, however, could have considerable industry support (from companies
>in, or wishing to enter, the cryptography business). The thing to see is
>what will the EFF do about issues with less industry support (such as
>S.314). Digital Telephony is a rather unpleasant precedent.
I'm not sure why you think that industry support in any way directs our
policy or mission. It does not. There was no industry support to speak
of for many of the things we've done, including defense of Craig Neidorf,
and lobbying for more sensible "computer crime" sentencing guidelines -
if anything there was negative industry support for this, due to hacker
hysteria and commercial-interest security concerns.

I'm also not sure why you think there's no industry interest in taking
out S314 - there's a whole lot of interest in this, from "traditional"
publishers, network access providers, software publishers, hardware
manufacturers, etc. A large number of companies and entire industries
will be adversely affected by net censorship.

But that's not why we're interested. EFF is a civil liberties public
interest organization, and our interest in seeing S314 derailed is
because it is a threat to public intellectual freedom.

J. S. Greenfield

unread,
Feb 23, 1995, 1:45:49 PM2/23/95
to
In article <3igpoj$i...@eff.org> me...@eff.org (Stanton McCandlish) writes:

>>I presume that a decision was specifically made to *make* this a test case,
>>right? After all, haven't cryptographers been publishing their results
>>(prior to getting slapped with a secrecy order) for decades now, with
>>impunity?
>
>Yes, specifically because Mr. Bernstein HAS be "slapped" by the
>department of state.

Holy Moly. What gives? Did he make a serious tactical error (i.e.,
disclosing his developments to the government prior to publishing), or
did someone close to him snitch before he had the chance?


>[the "technical data restrictions"]
>
>>I'd be interested in knowing more about this, since I've been developing
>>a library that has been planned for likely export, and which uses RSAREF
>>2.0 (or code conforming to that interface) as a plug-in, containing the
>>actual cryptographic routines.
>
>See a prev. message in this thread on that very subject.

Somehow that message seems to have slipped past me (or my newsreader). I
thought I had seen all of the thread, but I haven't seen that article. Do
you have a copy that you could email to me?

J. S. Greenfield

unread,
Feb 23, 1995, 1:49:44 PM2/23/95
to

>My experience is that "providing hooks" is indeed a violation. If you
>go to the State department (or is it the Commerce department? I'm not
>sure) and you say you'd like to export a product that has no embedded
>cryptosystems but which supports an add-on API for encryption, they'll
>say "No".

I'm not clear that this says much. I could easily see the State department
(read: NSA) saying "No" to such a request, if you *ask* such a thing--
regardless of whether or not they believe it falls under ITAR.

(Hell, if they don't *want* you to do it, it's worth a shot at saying "No"
and seeing if you'll blindly comply...)

William Unruh

unread,
Feb 23, 1995, 2:58:12 PM2/23/95
to
kas...@news.cs.columbia.edu (John Kasdan) writes:


>>The problem is that the government currently treats cryptographic software
>>as if it were a physical weapon and highly regulates its dissemination. Any
>>individual or company who wants to export such software -- or to publish
>>on the Internet any "technical data" such as papers describing encryption
>>software or algorithms -- must first obtain a license from the State
>>Department. Under the terms of this license, each recipient of the licensed
>>software or information must be tracked and reported to the government.
>>Penalties can be pretty stiff -- ten years in jail, a million dollar
>>criminal fine, plus civil fines. This legal scheme effectively prevents
>>individuals from engaging in otherwise legal communications about encryption.
>>

>Isn't this a bit of overstatement? As I understand it, all that you

No it is not. Technical Data is explicitely stated in ITAR to fall under the
licensing rules. The only time you can discuss it is if it is in the
"public domain" meaning it is published (ie black marks on a piece of
paper.)

>_can't_ post is actual code which implements the algorithm.
>Descriptions, including pseudo-code, have been posted for, among
>others, RSA,DES,RC5 (and even code for RC4, although that's a
>different story) without being challenged. And remember, "technical

Just because they have not been challenged does not mean that they are
legal.

>data," as the term is used in the ITAR, is a term of art and is
>defined so as to exclude compilable software.

From the definition of "Technical Data"

120.10(4) Software as defined in @ 121.8(f) of this subchapter directly related to
defense articles;

121.8
(f) Software includes but is not limited to the system functional design,
logic flow, algorithms, application programs, operating systems and support
software for design, implementation, test, operation, diagnosis and repair. A
person who intends to export software only should, unless it is specifically
enumerated in @ 121.1 (e.g., XIII(b)), apply for a technical data license
pursuant to part 125 of this subchapter.


From Catagory XIII- Auxiliary Military Equipment
(b) Information Security Systems and equipment, cryptographic devices,
software, and components specifically designed or modified therefor, including:...

Thus cryptographic software is a Defense Article, as well as being Technical Data
under 120.10(4)


Read ITAR with a lawyers mind - it really is an incredible piece of writing.
--
Bill Unruh
un...@physics.ubc.ca

Holger Hoffstaette

unread,
Feb 23, 1995, 4:08:44 PM2/23/95
to
Christian F. Goetze (c-go...@u-aizu.ac.jp) wrote:
[..]

>hooks without actually providing the software already a violation of
>the export restrictions?

NeXT have provided encryption hooks in their mail tool; they do not provide
the encryption/decryption code because of export restricions, but a PGP
plug-in exists and works fine. So, I guess the answer to your question is:
no, providing the hooks alone is not illegal.

Holger
--
Holger Hoffstaette // [eMail sendTo: @"ho...@darmstadt.gmd.de" NeXTMail: YES];

David L Evens

unread,
Feb 23, 1995, 4:37:22 PM2/23/95
to
Grady Ward (gr...@netcom.com) wrote:
: Christian F. Goetze (c-go...@u-aizu.ac.jp) wrote:
: : Great work!

: : But one thing I don't understand is why software producers don't simply
: : provide hooks for PGP? PGP is readily available outside the US (I had
: : no trouble getting it in japan) and a well-crafted tool. Is providing

: : hooks without actually providing the software already a violation of
: : the export restrictions?
: : --

: (A) Some platforms already provide those hook mechanisms.
: Macintoshes have "apple events" so any app can exploit
: MacPGP2.6.2 hooks if available.

: (B) According to ITAR/DTR *providing technical support* to
: one of the crypto programs, or providing allied or support
: software is *equivalent* to providing the munition software
: itself. Nicely vague. Everybody's guilty. Now be good
: and cow or we'll prosecute you.

: Luckily the EFF is providing some leadership here.

This would mean that it's illegal to export the MAC OS from the US.

There's more than one way to kill that beast...

--
---------------------------+--------------------------------------------------
Ring around the neutron, | "OK, so he's not terribly fearsome.
A pocket full of positrons,| But he certainly took us by surprise!"
A fission, a fusion, |
We all fall down! |
---------------------------+--------------------------------------------------

Stanton McCandlish

unread,
Feb 23, 1995, 4:46:43 PM2/23/95
to
In article <3iil4t$8...@newshost.lanl.gov>,

J. S. Greenfield <gre...@lanl.gov> wrote:
>In article <3igpoj$i...@eff.org> me...@eff.org (Stanton McCandlish) writes:
>
>>>I presume that a decision was specifically made to *make* this a test case,
>>>right? After all, haven't cryptographers been publishing their results
>>>(prior to getting slapped with a secrecy order) for decades now, with
>>>impunity?
>>
>>Yes, specifically because Mr. Bernstein HAS be "slapped" by the
>>department of state.
>
>Holy Moly. What gives? Did he make a serious tactical error (i.e.,
>disclosing his developments to the government prior to publishing), or
>did someone close to him snitch before he had the chance?
>

I guess I'm being unintentionally obtuse...

Our position is that the denial of export for Snuffle *is* a "slap" of
prior restraint against Bernstein publishing his material abroad. Didn't
meant to imply any other attempt to stop him from publishing in other
ways. But this one way is bad enough.

>>[the "technical data restrictions"]
>>
>>>I'd be interested in knowing more about this, since I've been developing
>>>a library that has been planned for likely export, and which uses RSAREF
>>>2.0 (or code conforming to that interface) as a plug-in, containing the
>>>actual cryptographic routines.
>>
>>See a prev. message in this thread on that very subject.
>
>Somehow that message seems to have slipped past me (or my newsreader). I
>thought I had seen all of the thread, but I haven't seen that article. Do
>you have a copy that you could email to me?

Not handy. If I were you I'd talk to Shari about this (sst...@eff.org),
since she's a lawyer and knows the relevant law better than I do.

Stanton McCandlish

unread,
Feb 23, 1995, 4:51:55 PM2/23/95
to
In article <3igqmc$i...@news1.delphi.com>,


From: Shari Steele <sst...@eff.org>
To: me...@eff.org
Subject: Re: EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
Date: Thu, 23 Feb 1995 14:41:34 -0500

Hey there.
Feel free to post my response. The Bernstein legal team discussed the
implications, if any, of filing this suit with the Zimmermann investigation
still in heavy swing. I personally talked with Phil Zimmermann about it,
and some members of the Zimmermann and Karn legal teams read and critiqued
our complaint before it was filed. We all came to the same conclusion --
we couldn't see how our case could hurt Phil Z., but we could imagine how
it might very well help him.
Shari

Phil Karn

unread,
Feb 23, 1995, 6:21:14 PM2/23/95
to
In article <m5.793...@tivoli.com>, m...@tivoli.com (Mike McNally) writes:
|> My experience is that "providing hooks" is indeed a violation. If you
|> go to the State department (or is it the Commerce department? I'm not
|> sure) and you say you'd like to export a product that has no embedded
|> cryptosystems but which supports an add-on API for encryption, they'll
|> say "No".

Gee, I guess they'll have to go after USL and AT&T before them to get rid
of UNIX pipes. Lest some miscreant type something evil like

tar cvf - . | pgp -efa recipient | mail recipient

Sure looks like they "provide a hook for encryption" to me!

Phil

Brad Templeton

unread,
Feb 23, 1995, 6:42:30 PM2/23/95
to
In article <3ihldc$f...@harbinger.cc.monash.edu.au>,
Andrew Bulhak <a...@yoyo.cc.monash.edu.au> wrote:
>I echo this sentiment. This is what the EFF should be doing. Keep it up.
>
>This, however, could have considerable industry support (from companies
>in, or wishing to enter, the cryptography business). The thing to see is
>what will the EFF do about issues with less industry support (such as
>S.314). Digital Telephony is a rather unpleasant precedent.

I would think that there are several industries that will be glad to
support the fight against S.314. The online industry should be
happy to, and its newest entrants, Microsoft, AT&T and Apple computer,
have considerable resources, as do the other services.

And failing them, the newspapers of the USA, who are both wealthy and
powerful, may want to fight this bill. I hope they do.
--
Brad Templeton, publisher, ClariNet Communications Corp. | www.clarinet.com
The net's #1 Electronic newspaper (circulation 85,000) | in...@clarinet.com

David Sternlight

unread,
Feb 23, 1995, 6:57:01 PM2/23/95
to
In article <3iiv6i$o...@ccshst05.cs.uoguelph.ca>,

David L Evens <dev...@uoguelph.ca> wrote:
>
>This would mean that it's illegal to export the MAC OS from the US.

No. The ordinary (pre System 7 pro or System 7.5) Mac OS has no specific
crypto hooks. What would be illegal would be an e-mail or editor program
with embedded calls to PGP, whether you included PGP with the xport or not.

System 7 pro and System 7.5 contain hooks to authentication and digital
signatures. Those have been given an export license. In fact, the
authentication and signature components are included, and they're standard
PKCS.

The interesting question is what would happen if someone created a version
of, say, PGP which responded to the Apple Events calls and
encrypted/decrypted instead of signing/authenticating. But maybe Apple had
to hard-wire those Apple events into the System, so you can't just drop in
PGP in place of the Apple Signer software.

David

Dan Lanciani

unread,
Feb 23, 1995, 10:41:00 PM2/23/95
to
In article <strnlghtD...@netcom.com>, strn...@netcom.com (David Sternlight) writes:

[...]


| System 7 pro and System 7.5 contain hooks to authentication and digital
| signatures. Those have been given an export license.

[...]

Could you expand on this? I've seen statements like this (``x has been
licensed for export'') but the very form seems to contradict my (admittedly
limited) understanding of export licenses. As I understand it (this is
based on sitting in on a few meetings with export consultants to determine
software export requirements and following through the discussed procedures),
there are three categories of export licenses:

1. General, non-validated licenses. These are the ones that anyone can use
without application to a government entity, provided the commodity in question
falls within the bounds of the license. Example are GDEST (general
destination?) and GDTA (or is it GTDA--I always get confused and I think
the names changed recently anyway). The literature describing the general
icenses includes allowed destinations and may require certain letters of
assurance from the recipient, but this is all the responsibility of the
exporter. (The export consultants provide nice template letters.)

2. Individual, validated licenses. These are the ones that are issued
on a per-event basis by the agency having jurisdiction. They are
specific to a particular exporter exporting a particular commodity to
a particular recipient at (I think) a particular time.

3. Self-audited, individual, validated licenses. These are like (2)
but for high-volume exporters. The exporter has to keep all sorts of
interesting records and is subject to audits to make sure they are doing
everything right. The license itself is still per-event.

Now, when people talk about a product being licensed for export, I'm
not quite sure what license they mean. It is possible that they mean
that the mechanism for (3) has been put in place, but it seems unlikely
for mass-market software products. Unless there is a forth kind of license,
I suspect the meaning is that, either in consultation with export lawyers or
by obtaining a commodity jurisdiction ruling, they have determined that the
commodity fits one of the general licenses in (1) and thus can be exported
to friendly places without an additional license. In other words, it was
always exportable but they wanted to be sure it was ok.

On the other hand, if there is a kind of export license that you can get
per-product (rather than per-event) for items that are not exportable
under a general license, I'd really like to know about it. Any pointers
appreciated...

Dan Lanciani
ddl@harvard.*

Paul Rubin

unread,
Feb 23, 1995, 11:27:23 PM2/23/95
to
In article <3igqmc$i...@news1.delphi.com>,
charliemerritt <charlie...@bix.com> wrote:

That would be really neat it it works. You could also put OJ's trial
on hold by filing a suit against the validity of the murder laws.

Stanton McCandlish

unread,
Feb 23, 1995, 1:02:11 PM2/23/95
to
In article <3ih7sv$4...@taco.vt.com>, Graham Toal <gt...@gtoal.com> wrote:
>rei...@kruppel.molbio.mssm.edu (John Reinitz) wrote:
>> As an EFF member who was very displeased with EFF's handling of digital
>> telephony, I'd just like to say:
>>
>> This is great! *Exactly* what the EFF ought to be doing. Best of
>> luck to you guys!
>
>Things have certainly improved since the firing of Berman, but I
>don't know if I'm ready to come back yet. I'm disappointed they
>showed no interest in AA BBS until *after* they were jailed,

This is just simply false.

>and
>it will take a *long* time for me to forgive the DT sellout.

I've gone over this a zillion times, so I won't do it again here - I'm
not going to try to convince you with words that we've done the right thing
- history will prove it one way or the other.

All can say is I hope you'll support us in this effort. You don't have
to be a member or "come back" and contribute general funds if you don't
want to - any donations for the Bernstein case can be earmarked for that
and nothing else if you say it's for this case in a cover letter.

The Electronic Frontier Foundation
1667 K St. NW, Suite 801
Washington DC 20006-1605 USA
+1 202 861 7700 (voice)
+1 202 861 1258 (fax)
+1 202 861 1223 (BBS - 16.8k ZyXEL)
+1 202 861 1224 (BBS - 14.4k V.32bis)
Internet: a...@eff.org
Internet fax gate: remote-pr...@8.5.2.1.1.6.8.2.0.2.1.tpc.int

Joe Francis

unread,
Feb 24, 1995, 4:40:42 AM2/24/95
to
Stanton McCandlish, me...@eff.org writes:
>In a move aimed at expanding the growth and spread of privacy and
>security technologies, the Electronic Frontier Foundation is sponsoring a
>federal lawsuit filed today seeking to bar the government from restricting
>publication of cryptographic documents and software. EFF argues that
>the export-control laws, both on their face and as applied to users of
>cryptographic materials, are unconstitutional.


yyyYES!!!

I can't begin to tell you how happy I am to hear this. This is the
single most important item on my list of "things I'd like to see
happen" for a long time. Since 1982, to be exact. :)

I'm excited to hear that EFF thinks a case can be made on
constitutional grounds. I've long felt that the restrictions were
incompatible with free speech preservation, but I am not a lawyer.

Let me know if there is anything (more) I can do to help. I was
considering letting my EFF membership expire this time, but not
anymore.

I believe I have the right to speak any mathematics I want.

--------------------------------------------------------------------------
Will hack macs for food. Have debugger, will travel.
--------------------------------------------------------------------------

slowdog

unread,
Feb 24, 1995, 1:05:45 PM2/24/95
to
br...@clarinet.com wrote:

> Andrew Bulhak <a...@yoyo.cc.monash.edu.au> wrote:

> >This, however, could have considerable industry support (from companies
> >in, or wishing to enter, the cryptography business). The thing to see is
> >what will the EFF do about issues with less industry support (such as
> >S.314). Digital Telephony is a rather unpleasant precedent.

> I would think that there are several industries that will be glad to
> support the fight against S.314. The online industry should be
> happy to, and its newest entrants, Microsoft, AT&T and Apple computer,
> have considerable resources, as do the other services.

Yes, so much resources in fact that they would probably be able to COMPLY
with the restrictions imposed by this bill. They might not have to fight
it, because they might be able to live with it.


- dog
http://www.phantom.com/~slowdog
Keep the Government's Hands Off the Net!

Dennis Glatting

unread,
Feb 24, 1995, 11:13:08 AM2/24/95
to
In article <3ik9iq$c...@dartvax.dartmouth.edu>,

Joe Francis <Joe.F...@dartmouth.edu> wrote:
>Stanton McCandlish, me...@eff.org writes:
>>In a move aimed at expanding the growth and spread of privacy and
>>security technologies, the Electronic Frontier Foundation is sponsoring a
>>federal lawsuit filed today seeking to bar the government from restricting
>>publication of cryptographic documents and software. EFF argues that
>>the export-control laws, both on their face and as applied to users of
>>cryptographic materials, are unconstitutional.
>
>
>yyyYES!!!
>

Are there T-shirts available?


-dpg

--

Dennis P. Glatting / CyberSAFE Corporation
Network and Security Infrastructure Architect

Lazlo Nibble

unread,
Feb 24, 1995, 3:01:15 PM2/24/95
to
me...@eff.org (Stanton McCandlish) writes:

>> it will take a *long* time for me to forgive the DT sellout.
>
> I've gone over this a zillion times, so I won't do it again here - I'm
> not going to try to convince you with words that we've done the right
> thing - history will prove it one way or the other.

With all due respect, Stanton, history will do no such thing, because it
*can* do no such thing. When EFF took the path they chose to take on DT,
they made it impossible to disprove their assumptions about the
inevitability of a more draconian bill being passed.

--
::: Lazlo (la...@rt66.com)
::: http://rt66.com/lazlo/ features Discographies, Record
::: Collecting Resources, The Internet Music Wantlists, and more.

David Sternlight

unread,
Feb 24, 1995, 5:07:35 PM2/24/95
to
In article <Pine.BSI.3.91.950223...@cais3.cais.com>,

:-)

David
--
"I don't understand why they call it public broadcasting. As far as I am
concerned, there's nothing public about it; it's an elitist enterprise.
'Rush Limbaugh' is public broadcasting." Newt Gingrich

T. Bruce Tober

unread,
Feb 24, 1995, 6:44:36 PM2/24/95
to
In article <3il4do$q...@eff.org> me...@eff.org "Stanton McCandlish" writes:

> Xref: demon alt.bbs.allsysop:6488 alt.censorship:16230
> alt.politics.datahighway:5324 alt.privacy:11871 alt.security.pgp:19557
> alt.wired:13947 comp.org.cpsr.talk:3570 comp.org.eff.talk:22200
> misc.int-property:5710 misc.legal:39838 sci.crypt:13469
> talk.politics.crypto:7465
> Path: crecon.demon.co.uk!demon!peernews.demon.co.uk!doc.news.pipex.net!pipex!
> howland.reston.ans.net!europa.eng.gtefsd.com!news.mathworks.com!news.duke.edu!
> eff!eff!not-for-mail
> From: me...@eff.org (Stanton McCandlish)
> Newsgroups: alt.bbs.allsysop,alt.censorship,alt.politics.datahighway,
> alt.privacy,alt.security.pgp,alt.wired,comp.org.cpsr.talk,comp.org.eff.talk,
> misc.int-property,misc.legal,sci.crypt,talk.politics.crypto


> Subject: Re: EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS

> Date: 24 Feb 1995 12:18:48 -0500
> Organization: Electronic Frontier Foundation
> Lines: 26
> Distribution: inet
> Message-ID: <3il4do$q...@eff.org>
> References: <1995022204...@eff.org> <C-GOE
> TZE.95Fe...@akebono.u-aizu.ac.jp> <3ik9iq$c...@dartvax.dartmouth.edu>
> <3il0ik$i...@kerby.ocsg.com>
> NNTP-Posting-Host: eff.org
>
> In article <3il0ik$i...@kerby.ocsg.com>,


> Dennis Glatting <den...@news-srvr.CyberSAFE.COM> wrote:
> >In article <3ik9iq$c...@dartvax.dartmouth.edu>,
> >Joe Francis <Joe.F...@dartmouth.edu> wrote:
> >>Stanton McCandlish, me...@eff.org writes:
> >>>In a move aimed at expanding the growth and spread of privacy and
> >>>security technologies, the Electronic Frontier Foundation is sponsoring a
> >>>federal lawsuit filed today seeking to bar the government from restricting
> >>>publication of cryptographic documents and software. EFF argues that
> >>>the export-control laws, both on their face and as applied to users of
> >>>cryptographic materials, are unconstitutional.
> >>
> >>
> >>yyyYES!!!
> >>
> >
> >Are there T-shirts available?
>

> Not about the case in particular, though we have general EFF t-shirts.
> Still this might be a good idea. Any specifics come to mind?

"I believe I have the right to speak any mathematics I want." comes
immediately to mind.
--

=======================================================================
tbt |"It is dangerous to be right in
|matters on which the established
|authorities are wrong."
Octob...@crecon.demon.co.uk |Voltaire
=======================================================================

Jim Grubs, W8GRT

unread,
Feb 24, 1995, 6:49:26 PM2/24/95
to
-----BEGIN PGP SIGNED MESSAGE-----

me...@eff.org (Stanton McCandlish) writes:

| deployment of this technology. The U.S. government has opposed such
| deployment, fearing that its citizens will be private and secure from
| the government as well as from other vandals.
^^^^^^^^^^^^^

Love it!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: jgr...@voxbox.norden1.com

iQCVAwUBL05w6N74r4kaz3mVAQE/EQP/WHfv05sFSr8/Fkqi9QBlVZAMCmnQqezj
ZkdeSOS78Peea1sPanfZffKbC4SgLqCo321qs5Sui7V5Ep8hWg8D63z4gzMIQccn
27ztIOPCr5HHYtfVGdK6Q19+ohM7f+6itDPjcL6553xOo+3SYCax0FJhNz3yl9Sl
RxT2jvZMvMM=
=5r8z
-----END PGP SIGNATURE-----

J. S. Greenfield

unread,
Feb 24, 1995, 11:49:10 PM2/24/95
to
In article <3il4be$q...@eff.org> me...@eff.org (Stanton McCandlish) writes:

>>I believe I have the right to speak any mathematics I want.
>

>So do we.

So EFF takes the position that folks should be able to publish the mathematics
governing the latest nuclear weapon designs (if one should happen to get
such information)?

Methinks "So do we." is probably too general a statement of EFF's position. :)


I rather suspect that EFF's actual position, with regard to this matter, is
far more limited--something along the lines of "Export of cryptography does
not present a significant enough threat to legitimate governmental interests
to justify the rather draconian abuses of the First Amendment embodied
(or claimed to be embodied) by ITAR."

Timothy C. May

unread,
Feb 25, 1995, 2:55:17 PM2/25/95
to
J. S. Greenfield (gre...@lanl.gov) wrote:

: So EFF takes the position that folks should be able to publish the mathematics


: governing the latest nuclear weapon designs (if one should happen to get
: such information)?

I don't know about EFF, but many of us think so. Anonymous remailers
and information markets like BlackNet make this easy to do.

Besides, a terrorist nuclear bomb used on Washington could be the best
thing to happen to this country! (My main worry is that the Beltway
Bandits are so far from the city center that only a 20-MT airburst
could take them out, and this is far beyond what any terrorist group
could manage.)

--Tim May
--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tc...@netcom.com | anonymous networks, digital pseudonyms, zero
| knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majo...@toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay


Phillip M. Hallam-Baker

unread,
Feb 25, 1995, 3:13:13 PM2/25/95
to

In article <3il0ik$i...@kerby.ocsg.com>, den...@news-srvr.CyberSAFE.COM (Dennis Glatting) writes:

|>Are there T-shirts available?

You know a lot of people seem to be far more concerned by T-Shirts than by the
issues.

Had the big red button got pushed and the four minute warning been sent across
the Web I'm sure that there would be a CFT (Call For T-Shirts).


--
Phillip M. Hallam-Baker

Not Speaking for anyone else.

Jeff A Licquia

unread,
Feb 25, 1995, 8:49:05 PM2/25/95
to
J. S. Greenfield (gre...@lanl.gov) wrote:
: In article <3il4be$q...@eff.org> me...@eff.org (Stanton McCandlish) writes:

: >>I believe I have the right to speak any mathematics I want.
: >
: >So do we.

: So EFF takes the position that folks should be able to publish the mathematics
: governing the latest nuclear weapon designs (if one should happen to get
: such information)?

Nuclear plans aren't a language - they're a content, expressable in many
different languages. Crypto is more akin to a language; it's just one with
the unique property that only the intended listener can understand it. :-)

--
----------------------------------------------------------------------
Jeff Licquia (lame .sig, huh?) | Finger for PGP 2.6 public key
jali...@prairienet.org | Me? Speak for whom? You've got
lic...@cei.com (work) | to be kidding!

Jim Osborn

unread,
Feb 25, 1995, 11:14:38 PM2/25/95
to
J. S. Greenfield <gre...@lanl.gov> wrote:
>I rather suspect that EFF's actual position, with regard to this matter, is
>far more limited--something along the lines of "Export of cryptography does
>not present a significant enough threat to legitimate governmental interests
>to justify the rather draconian abuses of the First Amendment embodied
>(or claimed to be embodied) by ITAR."

But Bernstein is not allowed to publish WITHIN THE US! Export restrictions
aside, these rules are clearly aimed at keeping citizens of the US under
the thumb of its government. Just the sort of thing the guys were
worried about back in the 1780s.

ji...@eskimo.com

Jonathan Cano

unread,
Feb 25, 1995, 10:14:43 PM2/25/95
to
In article <3il4do$q...@eff.org>, me...@eff.org (Stanton McCandlish) says:
>
>In article <3il0ik$i...@kerby.ocsg.com>,
>Dennis Glatting <den...@news-srvr.CyberSAFE.COM> wrote:
>>In article <3ik9iq$c...@dartvax.dartmouth.edu>,
>>Joe Francis <Joe.F...@dartmouth.edu> wrote:
>>>Stanton McCandlish, me...@eff.org writes:
>>>>In a move aimed at expanding the growth and spread of privacy and
>>>>security technologies, the Electronic Frontier Foundation is sponsoring a
>>>>federal lawsuit filed today seeking to bar the government from restricting
>>>>publication of cryptographic documents and software. EFF argues that
>>>>the export-control laws, both on their face and as applied to users of
>>>>cryptographic materials, are unconstitutional.
>>>
>>>
>>>yyyYES!!!
>>>
>>
>>Are there T-shirts available?
>
>Not about the case in particular, though we have general EFF t-shirts.
>Still this might be a good idea. Any specifics come to mind?

No good t-shirt ideas here but I'd definitely buy one if was about
this law suit and EFF fighting for free speech/privacy/strong encryption.

This would be a cool way to contribute.

--jfc

Steve Brinich

unread,
Feb 25, 1995, 10:34:29 AM2/25/95
to
> So EFF takes the position that folks should be able to publish the
>mathematics governing the latest nuclear weapon designs (if one should
>happen to get such information)?

If that possibility worries you, you'd better sit down before continuing:

1. Every good college course in nuclear physics includes enough information
to let a bright student figure it out -- which has been done.

2. What's more, it's been published (remember the _Progressive_ case from
the early 80s?)

--
Steve Brinich | If you won't turn off the program | Finger PGP key
ste...@digex.net| when you leave sick bay, |89B992BBE67F7B2F
GEnie: S.BRINICH | you could at least run the screensaver. |64FDF2EA14374C3E

Childers James

unread,
Feb 25, 1995, 10:59:24 PM2/25/95
to
jona...@cruzio.com (Jonathan Cano) writes:

>>>Are there T-shirts available?
>>
>>Not about the case in particular, though we have general EFF t-shirts.
>>Still this might be a good idea. Any specifics come to mind?

>No good t-shirt ideas here but I'd definitely buy one if was about
>this law suit and EFF fighting for free speech/privacy/strong encryption.

How about something like this: In big letters across the top "NSA", then
below that "We're NOT Big Brother, ok?"

My two bits...


--
"Freedom is meaningless unless | ic...@jove.acs.unt.edu
you can give to those with whom| Finger me for PGP public key!
you disagree." - Jefferson | The fnords will show you everything
EA 73 53 12 4E 08 27 6C 21 64 28 51 92 0E 7C F7

William J. Evans

unread,
Feb 26, 1995, 1:52:38 AM2/26/95
to
-----BEGIN PGP SIGNED MESSAGE-----

=== Nothing above this line is part of the message. ===
ic...@jove.acs.unt.edu (Childers James) wrote:
:How about something like this: In big letters across the top "NSA", then


:below that "We're NOT Big Brother, ok?"

This is a troll, right?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBL1Arlu7FqQNEGv6lAQGeEQP9Hc6Fcfz6MGDnB677v1rFjeS1tmtVazKJ
Fi0EkA5zB8CzcaSUBlOvAQYzz8VlshhcOEUMYEYPH0LF+oF9ju5ckN/cSrHDkiPe
BtY7z/8+qMWXvGit+qX0Er4boRqbbQnKpnL0kGMKGUJ2utM0MLBAsnI555fRJMKI
BOETAv9TE7c=
=Nhyd
-----END PGP SIGNATURE-----

--
Bill Evans P.O. Box 4829 Irvine, CA 92716 (714)551-2766 _ /| ACK!
Email-To: w...@acm.org -- PGP encrypted mail preferred. -- \`o_O' /
Finger w...@netcom.com for public key (and Geek code). =( )=
PGPprint: FB D0 1C 1D EF DC 26 BA B3 9E 84 0B 40 D6 59 9C U

WHMurray

unread,
Feb 26, 1995, 9:49:05 AM2/26/95
to
>But Bernstein is not allowed to publish WITHIN THE US! Export
restrictions
>aside, these rules are clearly aimed at keeping citizens of the US under
>the thumb of its government. Just the sort of thing the guys were
>worried about back in the 1780s.

Got it didn't you? According to an article in "Wired," the government is
planning to go ahead with its prosecution of Phil Zimmerman that rests on
the premise that publication is equivalent to export.

Graham Murray

unread,
Feb 26, 1995, 1:22:03 PM2/26/95
to
In article <m5.793...@tivoli.com>

m...@tivoli.com (Mike McNally) writes:
>
> My experience is that "providing hooks" is indeed a violation. If you
> go to the State department (or is it the Commerce department? I'm not
> sure) and you say you'd like to export a product that has no embedded
> cryptosystems but which supports an add-on API for encryption, they'll
> say "No".

So, don't say that the hooks are for encryption. Instead provide
hooks for "Changing the externally stored representation of the
data". Then provide sample functions to perform ASCII/EBCDIC
conversion, and compression.

Keith Lofstrom

unread,
Feb 26, 1995, 6:38:53 PM2/26/95
to

me...@eff.org (Stanton McCandlish) writes:
> I believe I have the right to speak any mathematics I want.

J. S. Greenfield (gre...@lanl.gov) writes:
> So EFF takes the position that folks should be able to publish the mathematics
> governing the latest nuclear weapon designs (if one should happen to get
> such information)?

E = MC^2 . Jail me.

Espionage remains espionage. If someone steals bomb designs, or even secret
government cryptography information, they should be shot for treason.
If they develop their own bomb designs, or crypto designs, then the
government should hire them and pay them to shut up (then shoot them for
treason if they violate the contract).

Crypto is like nukes in that a competent group of researchers can use
the open literature and come up with reasonably effective designs in
a few years. Unlike nukes, crypto research can be performed with
readily available resources and in complete secrecy. Also unlike
nukes, the weaknesses of a crypto scheme can found in complete secrecy,
and that is where our reliance on secretly developed crypto schemes
is a grave threat to our national security.

Only if a broad class of crypto schemes are available in the open literature,
capable of being attacked by anyone, can we find out which schemes have
subtle vulnerabilities. We shouldn't reveal the schemes the government
is using, of course, but no doubt open research will contain similar ones,
and government researchers can observe how the similar open schemes fare.

If a government researcher's pet crypto algorithm is shown to be worthless
by similar public research, that may destroy a career. On the other hand,
not being aware of a scheme's weaknesses could destroy the country. Is
protecting the jobs of our crypto researchers more important than protecting
our country?


Keith
--
Keith Lofstrom kei...@klic.rain.com Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Power ICs

Chris DiBona

unread,
Feb 26, 1995, 10:25:29 PM2/26/95
to
tc...@netcom.com (Timothy C. May) wrote:
>
> J. S. Greenfield (gre...@lanl.gov) wrote:
>
> : So EFF takes the position that folks should be able to publish the mathematics
> : governing the latest nuclear weapon designs (if one should happen to get
> : such information)?
>
> I don't know about EFF, but many of us think so. Anonymous remailers
> and information markets like BlackNet make this easy to do.
>
> Besides, a terrorist nuclear bomb used on Washington could be the best
> thing to happen to this country! (My main worry is that the Beltway
> Bandits are so far from the city center that only a 20-MT airburst
> could take them out, and this is far beyond what any terrorist group
> could manage.)
>
> --Tim May


Two things:

First of all timmy, myself and the four million other folks living here (DDC MMetro Area))
might disagree with your little suggestion to turn us to black glass, you are a
crude person, there is such a thing as a joke made in bad taste.

Secondly, do you really think all the facts about nuclear weapons design have been
simply made available? Some oldr info, I have no probllem agreeing with that, but
I'd have to be a simple fool to think that we'd (the usa) simply allow ppublishing of such info.

Sorry, hope that didn't sound too flamey.


Chris DiBona


Chris DiBona

unread,
Feb 26, 1995, 10:30:51 PM2/26/95
to
kei...@chip.klic.rain.com (Keith Lofstrom) wrote:

> E = MC^2 . Jail me.

> Crypto is like nukes in that a competent group of researchers can use


> the open literature and come up with reasonably effective designs in
> a few years. Unlike nukes, crypto research can be performed with
> readily available resources and in complete secrecy. Also unlike
> nukes, the weaknesses of a crypto scheme can found in complete secrecy,
> and that is where our reliance on secretly developed crypto schemes
> is a grave threat to our national security.
>

> If a government researcher's pet crypto algorithm is shown to be worthless


> by similar public research, that may destroy a career. On the other hand,
> not being aware of a scheme's weaknesses could destroy the country. Is
> protecting the jobs of our crypto researchers more important than protecting
> our country?


Okay, first, sorry for quoting so much Second.

You have hit the nail on the head. I hate to use a phrase like common
knowledge for an issue like this, but I've heard NSA boys say it tooo :

"The keys and messages are classified and the algoritims shouldn't be."

this is because.... if an algorthim can't stand the unfocused intensity of the
public, it can't stand the focused intesity of a foreign power.

And that is why Capstone/clipper isn't rated for classified comm.

Chris

PS: I guess I just restated what you said. Anyhow.....

Olaf Titz

unread,
Feb 26, 1995, 10:35:05 AM2/26/95
to
In article <3il4do$q...@eff.org>, Stanton McCandlish <me...@eff.org> wrote:
> >Are there T-shirts available?
> Not about the case in particular, though we have general EFF t-shirts.
> Still this might be a good idea. Any specifics come to mind?

How about this one:
Run this thru TeX and print it on a shirt:

\def\mod{\hbox{ mod }}
$$
\forall p,q \hbox{ prime}, n=pq; c,d > 1, cd \mod (p-1)(q-1) = 1:
((a^c) \mod n)^d \mod n = a
$$

olaf
--
___ Olaf...@inka.de or @{stud,informatik}.uni-karlsruhe.de ____
__ o <URL:http://www.rz.uni-karlsruhe.de/~uknf/> <IRC:praetorius>
__/<_ >> Just as long as the wheels keep on turning round
_)>(_)______________ I will live for the groove 'til the sun goes down << ____

Joe Francis

unread,
Feb 27, 1995, 10:23:34 AM2/27/95
to
>>>I believe I have the right to speak any mathematics I want. [Joe Francis]

>>So do we. [Stanton McCandlish of EFF]

>So EFF takes the position that folks should be able to publish the
>mathematics governing the latest nuclear weapon designs (if one should

>happen to get such information)? [J. S. Greenfield]

I don't know if EFF does, but I certainly do.

--------------------------------------------------------------------------
"If I were a civil liberties group..." - David Sternlight 7/29/94
--------------------------------------------------------------------------

Joe Francis

unread,
Feb 27, 1995, 10:32:40 AM2/27/95
to
T. Bruce Tober, Octob...@crecon.demon.co.uk writes:
>"I believe I have the right to speak any mathematics I want." comes
>immediately to mind.

I have to admit, I'd be honored if that were used.

Richard Tobin

unread,
Feb 27, 1995, 1:49:35 PM2/27/95
to
In article <793848...@barnowl.demon.co.uk> gra...@barnowl.demon.co.uk (Graham Murray) writes:
>So, don't say that the hooks are for encryption.

I don't think they're interested in what you *say* the hooks are for,
they're interested in what they *are* for. Maybe you could fool them,
and maybe you could have some other use for them, but you wouldn't
want to rely on a defence like that.

This seems to be a common misconception on the net, that if you can
find a way to describe something that is a description of something
legal then the thing actually is legal. A little thought should
convince you that this doesn't work.

-- Richard

Padgett 0sirius

unread,
Feb 27, 1995, 6:02:42 AM2/27/95
to

kei...@chip.klic.rain.com (Keith Lofstrom) wrote:
> Crypto is like nukes in that a competent group of researchers can use
> the open literature and come up with reasonably effective designs in
> a few years.

The big problem is that there is *so much* open literature out there that
it is difficult to separate the wheat from the chaff. One of the keys to
being "competent" lies in being able to separate the brilliance from the BS
since often to the uneducated they look the same.

For instance, if you come across a discussion of the "twist in the soda
straws" is it referring to a) a high-school senior physics class catapult
project, b) multi-staged nuclear weapon design, or c) fiction from a novel ?

The fact is that if you know enough to be able to separate fact from
fiction (and there is a *lot* more of the second), you probably do not need
it.

Now the follow on (why Clipper/Skipjack et al is not approved for classified
data), I suspect that the algorithm is strong enough, it is the LEAF that
makes it unsuitable (since I haven't been told, am free to conjecture) as
there is no requirement that the keys be properly protected or even changed.

While conjecturing, the persistant question is "why is Skipjack
classified ?". In the late fifties the Air Force commisioned a design for a
high altitude mach-many interceptor (XF-106 ? I forget). This required a
special ultra-high-bypass turbojet engine that essentially became a ramjet
at operational speed. The plane was canceled but no one noticed that the
funding for the Pratt & Whitney J-58 engine continued. The reason was that
it was needed for the vedy-vedy black YF-12 (later the SR-71).

Sometimes things are used for more things than are publicised and it would
have been easier for the NSA to have picked up an existing proven design
than to come up with a whole new one just because some politicos over on the
hill asked for something that would never get beyond the planning stage
anyway. Just a thought & probably pure fiction 8*).

A. Padgett Peterson, P.E.
Cybernetic Psychophysicist
Totally Obsessed with TransOceanics
My other car is a Pontiac too
We also walk dogs
PGP 2.7 Public Key Available

Robert I. Eachus

unread,
Feb 27, 1995, 2:08:38 PM2/27/95
to
In article <3irgn9$q...@portal.gmu.edu> Chris DiBona <cdi...@osf1.gmu.edu> writes:

> Secondly, do you really think all the facts about nuclear weapons
> design have been simply made available? Some oldr info, I have no
> probllem agreeing with that, but I'd have to be a simple fool to
> think that we'd (the usa) simply allow ppublishing of such info.

Assuming you have a workstation or a 486 PC or the like on your
desk, you have more computing resources available than ALL the
mathematicians and engineers on the Manhattan Project had. They used
Marchant and Burroughs electromechanical desk calculators for the most
part. The ENIAC was used for some caluclations on the Super--the
H-bomb--but I have literally run ENIAC software faster on a pocket
calculator.

There are only a few key experimental numbers needed, and--worst
case--they can be measured empirically IF you have a source of
bomb-grade Uranium or Plutonium. In fact you would need to, in any
case, to tailor the weapon to the materials used.

The real reason why you shouldn't care is that nuclear weapons,
once upon a time were a viable stategic threat, but no longer. And in
any case, they have never been very cost effective. Remember the
civilians in the Gulf War killed in a nuclear hardened shelter? (And
for that matter the military in the actual target of the attack, the
communciations center underneath.)

If the terrorists at the World Trade Center had done a better (or
worse depending on your point of view) job of placing the truck, they
could have brought the buildings down at a very small fraction of the
cost of a nuclear device. (The most costly part of the bomb--the
truck--was rented.) As it was, the estimated cost to the New York
City's economy has been estimated at 5 billion dollars.

So don't be afraid of terrorists with nuclear weapons--treat all
terrorist equally.


--

Robert I. Eachus

with Standard_Disclaimer;
use Standard_Disclaimer;
function Message (Text: in Clever_Ideas) return Better_Ideas is...

Michael Kaufman

unread,
Feb 27, 1995, 5:21:32 PM2/27/95
to
In article <D4Ko...@news.cern.ch>,

Phillip M. Hallam-Baker <hal...@dxal18.cern.ch> wrote:
>You know a lot of people seem to be far more concerned by T-Shirts than by the
>issues.

>Had the big red button got pushed and the four minute warning been sent across
>the Web I'm sure that there would be a CFT (Call For T-Shirts).

What's your point?

Michael

--
| I've seen things you people wouldn't believe. Attack
Michael L. Kaufman | ships on fire off the shoulder of Orion. I watched
kau...@mcs.com | C-beams glitter in the dark near the Tannhauser gate.
| All those moments will be lost in time - like tears
| in rain. Time to die. Roy Batty - Blade Runner

Lizard

unread,
Feb 27, 1995, 5:24:09 PM2/27/95
to
On 27 Feb 1995 03:25:29 GMT in article <3irgn9$q...@portal.gmu.edu>, Chris DiBona wrote:


> Two things:

> First of all timmy, myself and the four million other folks living here (DDC MMetro Area))
> might disagree with your little suggestion to turn us to black glass, you are a
> crude person, there is such a thing as a joke made in bad taste.

While the deaths of four million innocents is regrettable, the
elimination of 535 parasites makes it morall justified. :) You can't
take a hamlet without breaking heads.

> Secondly, do you really think all the facts about nuclear weapons design have been
> simply made available? Some oldr info, I have no probllem agreeing with that, but
> I'd have to be a simple fool to think that we'd (the usa) simply allow ppublishing of such info.

Take:
Approx one pound plutonium.
Some plastique.
Some dynamite.
A timer.

Split the plutonium into tow approximately equal halves.
Pack each half in plastique, then place in a reinforced container so
that the explosion will smash the two pieces together.
Set up a timer.
Place the whole kit&kaboodle (about suitcase size) in, oh, a subway
station or airport.
Run like hell.
Kaboom! (if you did it right).

This isn't a secret. We learned it in High School physics, and it was
also explained on the TV series "Connections". It is *very* common
knowledge.

The hard part is getting plutonium that is pure enough to work -- and
being able to contain it and work with it without dying. Plutonium is one
of the deadliest poisons in the world. Further, it can't be made in your
average basement cyclotron -- it needs a nuclear plant and many years of
refinement (or so I've been told).

The way to prevent homemade nukes is to control the plutonium supply --
not the knowledge of how to build a crude a-bomb. You might as well
attempt to control shootings by suppressing the knowledge of how to make
black powder. (Two parts charcoal, three parts sulphur, fifteen parts
saltpeter. Kids, don't try this at home.)

> Sorry, hope that didn't sound too flamey.

No, just woefully ignorant. You seem to lack an understanding of just
how much nasty knowledge is really widely available. Get your hands on a
catalog from Delta Books, Paladin Press, or Loompanics. Want to know how
to build a nuke, mix poisons, get a fake ID, hide a body? It's all
available.
--
Evolution doesn't take prisoners. -- Lizard
I like guns, because, without guns, you can't shoot people -- F. King
Whenever A annoys or injures B on the premise of saving or improving X,
A is a scoundrel -- Mencken.

James Buster

unread,
Feb 27, 1995, 7:34:58 PM2/27/95
to
In article <3imcs6$k...@newshost.lanl.gov>,

J. S. Greenfield <gre...@lanl.gov> wrote:
>So EFF takes the position that folks should be able to publish the mathematics
>governing the latest nuclear weapon designs (if one should happen to get
>such information)?

Merely knowing the mathematics of nuclear physics is insufficient to
make a nuclear bomb. There is a lot to the physical design of a bomb
that cannot be deduced from the mathematics, and anyway the cat is out of
the bag already. Does it really matter that you got killed by a 1 megaton
bomb or a 500 megaton bomb? So yes, go ahead and publish the latest nuclear
physics results. They won't help you build a bomb.
--
James Buster
bit...@netcom.com

Jurgen Botz

unread,
Feb 27, 1995, 9:06:09 PM2/27/95
to
In article <3iitgs$9...@rs18.hrz.th-darmstadt.de>,
Holger Hoffstaette <ho...@darmstadt.gmd.de> wrote:
>Christian F. Goetze (c-go...@u-aizu.ac.jp) wrote:
>NeXT have provided encryption hooks in their mail tool; they do not provide
>the encryption/decryption code because of export restricions, but a PGP
>plug-in exists and works fine. So, I guess the answer to your question is:
>no, providing the hooks alone is not illegal.

On the other hand, MIT had to take even the calls to the encryption
routines out of Kerberos before the government let them export what
was left ("bones"). The bottom line is that with export controls
whatever the government say is illegal on a case-by-case basis is
illegal. In yet other words, if the NSA doesn't like it, the
authorities will come and hassle you.

Brian Westley

unread,
Feb 27, 1995, 11:49:10 PM2/27/95
to
ic...@jove.acs.unt.edu (Childers James) writes:
>jona...@cruzio.com (Jonathan Cano) writes:
>>>>Are there T-shirts available?
>>>
>>>Not about the case in particular, though we have general EFF t-shirts.
>>>Still this might be a good idea. Any specifics come to mind?

>>No good t-shirt ideas here but I'd definitely buy one if was about
>>this law suit and EFF fighting for free speech/privacy/strong encryption.

>How about something like this: In big letters across the top "NSA", then
>below that "We're NOT Big Brother, ok?"

Shouldn't it be something like "Auwie8lxcvjhsYUkwidndkshdk12"?

---
Merlyn LeRoy

David J. Bianco

unread,
Feb 28, 1995, 7:52:38 AM2/28/95
to
In article <merlyn.793946950@digibd> mer...@digibd.digibd.com (Brian Westley) writes:
||
|| >How about something like this: In big letters across the top "NSA", then
|| >below that "We're NOT Big Brother, ok?"
||
|| Shouldn't it be something like "Auwie8lxcvjhsYUkwidndkshdk12"?
||

What about "I believe I have the right to speak any mathematics I want"
(as was previously suggested), PGP signed with EFF's public key? ;-)

--
=============================================================================
David J. Bianco Chair, NASA Webmasters Working Group
Computer Sciences Corporation, http://ice-www.larc.nasa.gov/webmasters/
NASA Langley Research Center Personal Info:
<d.j.b...@larc.nasa.gov> http://www.larc.nasa.gov/~bianco/bianco.html

Joe Francis

unread,
Feb 27, 1995, 11:24:16 AM2/27/95
to
>>So EFF takes the position that folks should be able to publish the
>>mathematics governing the latest nuclear weapon designs (if one should
>>happen to get such information)? [J. S. Greenfield]

>I don't know if EFF does, but I certainly do. [Joe Francis]

I just wanted to ammend this upon realizing that Greenfield's comments
could be taken a couple of different ways. I do NOT think betraying
classified information you have access to is appropriate. But if I
do math for Podunk U., I should be able to publish my research without
having to worry about whether it could possibly used for bomb-making.

Mirrorshade

unread,
Feb 28, 1995, 10:30:55 AM2/28/95
to
Richard Tobin (ric...@cogsci.ed.ac.uk) wrote:
: In article <793848...@barnowl.demon.co.uk> gra...@barnowl.demon.co.uk (Graham Murray) writes:
: I don't think they're interested in what you *say* the hooks are for,

: they're interested in what they *are* for. Maybe you could fool them,
: and maybe you could have some other use for them, but you wouldn't
: want to rely on a defence like that.

: This seems to be a common misconception on the net, that if you can
: find a way to describe something that is a description of something
: legal then the thing actually is legal. A little thought should
: convince you that this doesn't work.

yes, but you still could get away with it in this example, because the
"hooks" you provided could be for perfectly legal reasons (i.e. for
translating from binary to ascii, from Word for Windows to ascii, for
whatever). It could be for a totally innocent reason...but anyone
could then decide to put PGP or some other decryption program in there
instead.

--
Mirrorshade.... <mirr...@wpi.edu> = Stephen C. Lawler [ CS ]
GC(2.1) -d+ H>+ s g+ au- a--18>? w+(>++) v C++++ UU+ L- 3- E-- N+@ K- W-(--)
M-- V-- -po+(---)@ Y+ t+ !5 j@ R+(>++@)>+++ G tv b+>++ D++ B-- e+>+++ u*
h-- f r++ n- y+* AND host of: Ambient-Noise (Mon 4-6pm WPIR)

Bruce Bertram

unread,
Feb 27, 1995, 11:47:00 AM2/27/95
to
With all this talk of T shirts and the like:

Funny, but somehow I just don't picture Dan on a white horse riding to the
rescue of the downtrodden cryptomasses. <g>

--
bruce_...@lmsc.lockheed.com voice: 408-743-1032
Where opinions expressed are only mine and not my employer's.
b...@netcom.com voice: 408-739-9062
Where opinions expressed are all mine.

Randy Burgess

unread,
Feb 28, 1995, 2:52:36 AM2/28/95
to
gre...@lanl.gov (J. S. Greenfield) wrote:
>
> So EFF takes the position that folks should be able to publish the mathematics
> governing the latest nuclear weapon designs (if one should happen to get
> such information)?
>
> Methinks "So do we." is probably too general a statement of EFF's position. :)
>
>

> --
> J. S. Greenfield gre...@thelair.zynet.com
> (So what were you expecting?
> A Gorilla?!) "What's the difference between an orange?"

The information to build nuclear weapons is widely available now!
Freedom of speech is too important to start putting any limits on it.
In many countries we think of as civilized, they don't have near the
freedoms that we enjoy in the US.

William Unruh

unread,
Feb 28, 1995, 12:36:25 PM2/28/95
to
Randy Burgess <rand...@pop3.cris.com> writes:

>The information to build nuclear weapons is widely available now!
>Freedom of speech is too important to start putting any limits on it.
>In many countries we think of as civilized, they don't have near the
>freedoms that we enjoy in the US.

From your last sentence I would therefor conclude that the second
sentence is wrong. Limits to freedom of speech are not incompatible with
civilization. In fact some would argue that the US is less civilized
than many countries. Should we therefor draw the appropriate conclusion?
Or was the "too important" refereing to something else than
civilization?

--
Bill Unruh
un...@physics.ubc.ca

Bill Sommerfeld

unread,
Feb 28, 1995, 5:28:57 PM2/28/95
to
In article <3itje9$s...@redstone.interpath.net>,
Lizard <liz...@mercury.interpath.net> wrote:
>Approx one pound plutonium.

The actual critical mass needed is heavily dependant on the bomb
design. In general, cruder designs require a much larger critical
mass than that.

>Split the plutonium into tow approximately equal halves.
>Pack each half in plastique, then place in a reinforced container so
>that the explosion will smash the two pieces together.

Nope, that won't work for Pu239 (it reacts too quickly; you get an
inefficient chain reaction, also known as a "fizzle", as the pieces
near each other), though it might work for U235.

A fizzle would be fairly nasty in terms of fallout and damage, but
would not be anywhere near as bad as a fully efficient explosion.

See "The Los Alamos Primer" for details.

- Bill

Richard Tobin

unread,
Mar 1, 1995, 9:37:45 AM3/1/95
to
In article <3ivfjf$t...@bigboote.WPI.EDU> mirr...@wpi.edu (Mirrorshade) writes:
>yes, but you still could get away with it in this example, because the
>"hooks" you provided could be for perfectly legal reasons

If the government want to stop the export of of programs with hooks for
cryptography, the fact that they "could be" for something else isn't
going to make any difference. You might think that this should be a
defence, but you're likely to be disappointed.

-- Richard

mshields

unread,
Mar 1, 1995, 11:27:44 AM3/1/95
to
>>>>I believe I have the right to speak any mathematics I want. [Joe Francis]

>>So do we. [Stanton McCandlish of EFF]

>So EFF takes the position that folks should be able to publish the
>mathematics governing the latest nuclear weapon designs (if one should
>happen to get such information)? [J. S. Greenfield]

What Mr. Greenfield misses here is the huge and obvious difference between
government suppression of information which, if released, might theoretically
cause a "clear and present danger" to society (e.g. a terrorist with a nuclear
weapon), and government suppression of information which

(a.) Is a threat only to the government's ability to spy on private individuals
for ANY reason, be it legitimate or, as has been demonstrated repeatedly in the
past, simply because somebody in the government wants to;

(b.) Cannot possibly cause direct harm to anyone; and

(c.) Is, or can be developed, easily in other locations around the world, and can
be broadcast from these locations with complete impunity.

The REAL reason the U.S. government wants to suppress the dissemination of micro-
computer encryption techniques has nothing whatsoever to do with legitimate
national security concerns. Rather, it is motivated purely by the knowledge that
if people in the rest of the world, particularly those Third World places that the
CIA loves to meddle in, gets the ability to keep their communications private, the
CIA, NSA, etc., lose some of their current tremendous advantage in espionage.

Well, tough luck there, spooks. The cat's out of the bag.

M.Shields
mshi...@bull.ca

Stephen Selby

unread,
Mar 2, 1995, 12:20:06 AM3/2/95
to
I see so much discussion about how to use plutonium to make a _bomb_.
Wouldn't it be easier to split it up into little pieces and scatter
the pieces around a few reservoirs? It is so poisonous that many
would die.
So would the perpetrator, of course...Ho hum..

Mike Crawford

unread,
Feb 28, 1995, 7:52:29 PM2/28/95
to
It is being discussed whether providing hooks for encryption violates US
export law.

On the Macintosh, there is a communications protocol for attaching things
such as spellers, grammar checkers, or encryptors to applications. The
servers - such as an encryption server - appear within the menu bar of the
client application.

While only spellchecking servers have been implemented for the Word Services
Apple Event Suite, it would be quite straightforward for encryption servers
to be written as well.

There are several client programs available which can use the protocol, and
they are all exported. These include the Japanese version of hypercard,
WordPerfect, Info Depot, Writeswell Jr., World Write and some others.

The Word Services Software Development Kit is available free of charge by
sending your postal address to wor...@working.com.

Cheers,
--
Mike Crawford
craw...@scruznet.com <-- note change of address.
craw...@maxwell.ucsc.edu <-- Finger Me here for PGP Public Key

Phillip M. Hallam-Baker

unread,
Mar 2, 1995, 7:09:54 AM3/2/95
to

In article <BIANCO.95F...@MiSTy.larc.nasa.gov>, bia...@MiSTy.larc.nasa.gov (David J. Bianco) writes:
|>Xref: CERN.ch alt.bbs.allsysop:10070 alt.censorship:38490 alt.politics.datahighway:6594 alt.privacy:21056 alt.security.pgp:28103 alt.wired:15371 comp.org.cpsr.talk:3791 comp.org.eff.talk:45285
|>In-reply-to: mer...@digibd.digibd.com's message of Tue, 28 Feb 1995 04:49:10 GMT

|>
|>In article <merlyn.793946950@digibd> mer...@digibd.digibd.com (Brian Westley) writes:
|>||
|>|| >How about something like this: In big letters across the top "NSA", then
|>|| >below that "We're NOT Big Brother, ok?"
|>||
|>|| Shouldn't it be something like "Auwie8lxcvjhsYUkwidndkshdk12"?
|>||
|>
|>What about "I believe I have the right to speak any mathematics I want"
|>(as was previously suggested), PGP signed with EFF's public key? ;-)

Wouldn't it be more effective if it was signed by the EFF's private key?


I think we could pep up the slogan too. "I beleive" weakens the phrase. "I have"
could also be removed, the definite article is stronger than "any":

The right to speak the
mathematics I want to

EFF


Foreground in Prisoner typeface (I think its a variant of Baskerville) for
an exta cutrural reference.


How about a WiReD style flourescent background in bright orange with the
pgp signature of the message written across in yellow. PEM might be better
for artistic purposes because of all the DEK-Info stuff? This bit should
be in that terminal typeface at a low resolution (like an old teletype).
Alternatively the "blobby" computer font coule be used.

An alternative colour schemes would be Blue/Cyan.

Across the back we could have "PGP World Tour" and list the urls for the
web sites carrying PGP.

--
Phillip M. Hallam-Baker

Not Speaking for anyone else.

David J. Bianco

unread,
Mar 2, 1995, 7:48:35 AM3/2/95
to
In article <D4tB4...@news.cern.ch> hal...@dxal18.cern.ch (Phillip M. Hallam-Baker) writes:


|| In article <BIANCO.95F...@MiSTy.larc.nasa.gov>, bia...@MiSTy.larc.nasa.gov (David J. Bianco) writes:
|| |>
|| |>What about "I believe I have the right to speak any mathematics I want"
|| |>(as was previously suggested), PGP signed with EFF's public key? ;-)
||
|| Wouldn't it be more effective if it was signed by the EFF's private key?
||
||

Uh, duh, yes. Don't mind me. I'm clearly not thinking correctly here. 8-)

||
|| How about a WiReD style flourescent background in bright orange with the
|| pgp signature of the message written across in yellow. PEM might be better
|| for artistic purposes because of all the DEK-Info stuff? This bit should
|| be in that terminal typeface at a low resolution (like an old teletype).
|| Alternatively the "blobby" computer font coule be used.
||
|| An alternative colour schemes would be Blue/Cyan.
||

Personally, I think I'd favor a very simple two color design, black with
white lettering, maybe. As much as I enjoy wired, I don't go for garishly
colored clothing much...

|| Across the back we could have "PGP World Tour" and list the urls for the
|| web sites carrying PGP.
||
||

Yes, I like this idea! But don't include any US sites here... ;-)

Robert Lewis Glendenning

unread,
Feb 28, 1995, 8:53:42 PM2/28/95
to
In article <D4qEG...@apollo.hp.com>,

John McFee wrote a book some years back on this stuff. He also tells
how to do a bomb in the toilet of a skyscraper, and describes the damage
a "fizzle" bomb would do.

A purist calls it a "fizzle". The rest of us would call it a catastrophe.
The number of dead would approximate a good earth quake, probably way
beyond Kobe.

BTW: McFee is a good read. All of his books are really interesting,
informative, good points of view.

Lew
.

--
Lew Glendenning rlgl...@netcom.com
"Ideology? We don't got no Ideology. We don't need no stinkin Ideology!
We have a CONSTITUTION!"

The CONSTITUTION, the WHOLE CONSTITUTION, and NOTHING BUT the CONSTITUTION.

Lizard

unread,
Mar 2, 1995, 4:58:42 PM3/2/95
to
On 2 Mar 1995 07:24:24 +1100 in article <3j2l5o$icc$1...@sydney.DIALix.oz.au>, Scott Gilbert wrote:

> Actually, a better way is to have one spherical piece of
> plutonium, just short of the size required for critical mass with a
> cylindrical hole in the size. A cylinder of plutonium which fits the
> hole in the first piece is then blasted into that hole and a holding
> plate pops into place behind

> much bigger bang that way.

Yup. Several people have mailed me, telling me that while my formula
might work, a method such as you describe will do more damage.

That's what I love about Usenet. Everyone is so willing to help a
stranger out with a science project. :)

Graham Toal

unread,
Mar 3, 1995, 12:42:55 AM3/3/95
to
hal...@dxal18.cern.ch (Phillip M. Hallam-Baker) wrote:
> Across the back we could have "PGP World Tour" and list the urls for the
> web sites carrying PGP.

I made a T for my wife last year with her email address on it
and her key signature underneath it in hex. Very fetching, and
it's been across the border a couple of times without comment
from the Customs :-)

G

Charles Lane

unread,
Mar 3, 1995, 8:24:10 AM3/3/95
to
In article <3j54b5$6...@nntp.ucs.ubc.ca> un...@physics.ubc.ca (William Unruh) writes:
>Stephen Selby <srs...@hk.super.net> writes:

>>I see so much discussion about how to use plutonium to make a _bomb_.
>>Wouldn't it be easier to split it up into little pieces and scatter
>>the pieces around a few reservoirs? It is so poisonous that many
>>would die.

>I keep hearing these claims about Pu being poisonous. I always thought
>that it was claimed as such because of its alpha radiaactivity. Is it
>actually chamically poisonous and how does it differ from te other rare
>earths (eg like even U)?

Check out _American Scientist_, March-April 1995 issue (Vol 83, No.2) page 132:
"Plutonium's Bad Rep", where they try and track down the origin of the
"plutonium is one of the most toxic substances known" story. Urban legend
material here.

A quote contained in the article:
"The popular myth that plutonium is the most hazardous substance known to man
has been refuted repeatedly for many years. Plutonium is hazardous, but it is
not as immediately hazardous to health as many more-common chemicals"
---William Sutcliffe, Sr. Fellow, Center for Security and Technology Studies,
LLNL.

I trimmed out some of the newsgroups, but this subthread is getting off-topic
for just about all of the groups where it started.
--
Chuck Lane "I wish to God these calculations
Drexel Univ. Particle Physics had been accomplished by steam."
la...@duphy4.physics.drexel.edu --C. Babbage

Travis Corcoran

unread,
Mar 3, 1995, 1:25:35 PM3/3/95
to
-----BEGIN PGP SIGNED MESSAGE-----


In article <3irgn9$q...@portal.gmu.edu> Chris DiBona <cdi...@osf1.gmu.edu> writes:

> From: Chris DiBona <cdi...@osf1.gmu.edu>
> Newsgroups: alt.bbs.allsysop,alt.censorship,alt.politics.datahighway,alt.privacy,alt.security.pgp,alt.wired,comp.org.cpsr.talk,comp.org.eff.talk,misc.int-property,misc.legal,sci.crypt,talk.politics.crypto
> Date: 27 Feb 1995 03:25:29 GMT
>
> tc...@netcom.com (Timothy C. May) wrote:
> >
> > J. S. Greenfield (gre...@lanl.gov) wrote:
> >
> > : So EFF takes the position that folks should be able to publish the mathematics


> > : governing the latest nuclear weapon designs (if one should happen to get
> > : such information)?
> >

> > I don't know about EFF, but many of us think so. Anonymous remailers
> > and information markets like BlackNet make this easy to do.
> >
> > Besides, a terrorist nuclear bomb used on Washington could be the best
> > thing to happen to this country! (My main worry is that the Beltway
> > Bandits are so far from the city center that only a 20-MT airburst
> > could take them out, and this is far beyond what any terrorist group
> > could manage.)


>
> First of all timmy, myself and the four million other folks living here (DDC MMetro Area))
> might disagree with your little suggestion to turn us to black glass, you are a
> crude person, there is such a thing as a joke made in bad taste.

I thought it was not only funny, but a decent idea...

sue me.



> Secondly, do you really think all the facts about nuclear weapons
> design have been simply made available?

Yes.

> Some oldr info, I have no probllem agreeing with that,

^^^^^^^^^

As I recall, someone with only the knowledge of nuclear weapons that
existed in 1945 could build a nuke.

> but I'd have to be a simple fool to think that we'd (the usa)
> simply allow ppublishing of such info.

What makes you think that

(a) the federal government had any ability to not allow publishing of
the information? It's a big world, and there's more than one country
in it.

(b) the feds aren't fools?

- --
TJIC (Travis J.I. Corcoran) TJ...@icd.teradyne.com
Member NRA, GOAL

opinions(TJIC) != opinions(employer(TJIC))
"Buy a rifle, encrypt your data, and wait for the Revolution!"


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBL1dfHIJYfGX+MQb5AQG77AP+IEbopRvKnKY+PcQ9ZJhA8iiwdUujyiVM
xafM1xvpz0+PN/4U+W9RVU/sWMIW+59a5me87ytCJx9NJ2SD5aSccJQY5o2NcDv9
LaAaJ0cbqINGG0xfVcTK44I2+nXZoK8ALNyxBmnL3mMuvYuh7IAs+WTyS3SOmx4F
GDKJVVMBtAo=
=IBBS
-----END PGP SIGNATURE-----

David Allen

unread,
Mar 3, 1995, 10:15:13 AM3/3/95
to
Stephen Selby (srs...@hk.super.net) wrote:
: I see so much discussion about how to use plutonium to make a _bomb_.

Actually, it would seem that the cheapest, most effective way to destroy
say, New York City, would be a moderately sized conventional bomb in the
water main. NYC's water system is pretty shaky as it is, and a sizable blast
(concentrated in a confined space like water lines) would bring the whole
water system irrevocably crashing down. A city of 9 million without fresh
water becomes rapidly uninhabitable. 3-5 days would be my uneducated guess,
loss of life would come from the resulting civil disorder.

------------------------------------------------------------------------------
David Allen
Columnist, The Digital Frontier
dal...@infi.net

"For every action, there is an equal and opposite overreaction."
- Allen's Corollary to Newton's Law

Iolo Davidson

unread,
Mar 3, 1995, 3:45:44 PM3/3/95
to
In article <3j54b5$6...@nntp.ucs.ubc.ca>
un...@physics.ubc.ca "William Unruh" writes:

> I keep hearing these claims about Pu being poisonous. I always thought
> that it was claimed as such because of its alpha radiaactivity. Is it
> actually chamically poisonous and how does it differ from te other rare
> earths (eg like even U)?

The oxide form, as used in nuclear power rods, is not
particularly poisonous. Less so than arsenic. The metallic form
may be, it wasn't covered in the reference I use (and cannot for
the moment find, a debunking of environmentalist propaganda by
Jerry Pournelle).

--
SUBSTITUTES THAN A
CAN LET YOU DOWN STRAPLESS GOWN
QUICKER Burma-Shave

J. S. Greenfield

unread,
Mar 3, 1995, 7:26:44 PM3/3/95
to
In article <3iuko4$m...@warp.cris.com> Randy Burgess <rand...@pop3.cris.com> writes:

>> So EFF takes the position that folks should be able to publish the
>> mathematics governing the latest nuclear weapon designs (if one should
>> happen to get such information)?
>>
>> Methinks "So do we." is probably too general a statement of EFF's
>> position. :)

>The information to build nuclear weapons is widely available now!

Which says nothing relevant to my question above, nor to my general
claim that EFF almost certainly has *not* yet adopted a sweeping
position that *all* currently classified mathematics should be freely
available (or that *all* governmental restrictions on *all*
mathematics is unconstitutional).

A cat

unread,
Mar 3, 1995, 11:55:19 AM3/3/95
to
un...@physics.ubc.ca (William Unruh) writes:

>Stephen Selby <srs...@hk.super.net> writes:

>>I see so much discussion about how to use plutonium to make a _bomb_.
>>Wouldn't it be easier to split it up into little pieces and scatter
>>the pieces around a few reservoirs? It is so poisonous that many
>>would die.

>I keep hearing these claims about Pu being poisonous. I always thought


>that it was claimed as such because of its alpha radiaactivity. Is it
>actually chamically poisonous and how does it differ from te other rare
>earths (eg like even U)?

>--
>Bill Unruh
>un...@physics.ubc.ca

Plutonium IS poisonous. But only if you get it into your system. You
could actually sit on plutonium (assuming a sub-critical mass) safely.
At least that's what the nuke engineering prof here said...

Mike

Steve Brinich

unread,
Mar 3, 1995, 8:14:39 PM3/3/95
to
> Foreground in Prisoner typeface (I think its a variant of Baskerville)
>for an exta cutrural reference.

It's Albertus, with the loop of the "e" cut open and the dots on the "i"
and "j" removed.

--
Steve Brinich | EVERYTING IS UNDER CONTROL | Finger PGP key
ste...@digex.net | (A public service announcement | 89B992BBE67F7B2F
GEnie: S.BRINICH | from the Bavarian Illuminati) | 64FDF2EA14374C3E

Lizard

unread,
Mar 4, 1995, 9:55:46 PM3/4/95
to
On Wed, 1 Mar 1995 16:27:44 GMT in article <1995Mar1.1...@bullns.on01.bull.ca>, mshields wrote:

> The REAL reason the U.S. government wants to suppress the dissemination of micro-
> computer encryption techniques has nothing whatsoever to do with legitimate
> national security concerns. Rather, it is motivated purely by the knowledge that
> if people in the rest of the world, particularly those Third World places that the
> CIA loves to meddle in, gets the ability to keep their communications private, the
> CIA, NSA, etc., lose some of their current tremendous advantage in espionage.

Since the CIA,No Such Agency, et al, use what someone else cleverly
termed the "Rubber Hose Decryption Algorithm", I don't think our
Intelligence Agencies will *really* be crippled all that much.

Reliable, free, encryption *will* severely weaken governments -- but not
by allowing the Workers Of The World to Throw Off The Chains Of
Capitalist Exploitation. Rather, it will allow the Capitalist Corporate
Fascist Pigs to freely exchange money without the assorted tax services
of assorted governments knowing about it. No extorted tax money:=No
governments.

William Unruh

unread,
Mar 2, 1995, 1:55:33 PM3/2/95
to
Stephen Selby <srs...@hk.super.net> writes:

>I see so much discussion about how to use plutonium to make a _bomb_.
>Wouldn't it be easier to split it up into little pieces and scatter
>the pieces around a few reservoirs? It is so poisonous that many
>would die.

I keep hearing these claims about Pu being poisonous. I always thought

Dennis G. Rears

unread,
Mar 4, 1995, 12:51:33 PM3/4/95
to
In article <3j8c44$1...@newshost.lanl.gov>,

J. S. Greenfield <gre...@lanl.gov> wrote:
>In article <3iuko4$m...@warp.cris.com> Randy Burgess <rand...@pop3.cris.com> writes:
>
>>> So EFF takes the position that folks should be able to publish the
>>> mathematics governing the latest nuclear weapon designs (if one should
>>> happen to get such information)?
>>>
>>> Methinks "So do we." is probably too general a statement of EFF's
>>> position. :)
>
>>The information to build nuclear weapons is widely available now!
>
>Which says nothing relevant to my question above, nor to my general
>claim that EFF almost certainly has *not* yet adopted a sweeping
>position that *all* currently classified mathematics should be freely
>available (or that *all* governmental restrictions on *all*
>mathematics is unconstitutional).

How's this for an answer. If research was developed at government
expense then it can be classified. If the research was developed with no
relationship to the government then the government has no business
classifying it.
As far as nuclear weapons design go the mathmatics are generally known.
What isn't is the actual tech data package.


dennis

Randy

unread,
Mar 5, 1995, 1:59:48 AM3/5/95
to

I don't see how the last sentence disproves the first. The way I see
freedom of speech is as long as I don't injure you, there are legal
definitions but I'm no attorney, then I have the right to criticise
the government, President of this country or whomever. Anything that
infringes on these rights is unconstitutional.

Where do you start limiting freedom of speech? Who decides? What if I
was in a position to force you to speak and essentially think the way
I thought was proper. For the good of humanity of course.

I lived in Sweden for 2 years and that is the way it is there. Of course
individuals are pretty much free to say what they think. Newspapers on
the other hand must abide by many regulations. Once freedoms are taken
away they are rarely given back!

I'll be glad to hear what you have to say about this.


Tom Bryce

unread,
Mar 3, 1995, 1:47:18 PM3/3/95
to
: On 27 Feb 1995 03:25:29 GMT in article <3irgn9$q...@portal.gmu.edu>,
Chris DiBona wrote:

> : Take:
> : Approx one pound plutonium.
> : Some plastique.
> : Some dynamite.
> : A timer.
>
> : Split the plutonium into tow approximately equal halves.


> : Pack each half in plastique, then place in a reinforced container so
> : that the explosion will smash the two pieces together.

> : Set up a timer.
> : Place the whole kit&kaboodle (about suitcase size) in, oh, a subway
> : station or airport.
> : Run like hell.
> : Kaboom! (if you did it right).

Shit. Is it *that* goddamn easy? Frightening, ain't it.

------------------------------------------------------------------------

Tom Bryce, Duke Med, for PGP public key finger tjb...@amherst.edu
cryptography & security archive (mac, etc): ftp://miyako.dorm.duke.edu

J. S. Greenfield

unread,
Mar 6, 1995, 4:08:13 PM3/6/95
to
In article <1995Mar1.1...@bullns.on01.bull.ca> mshi...@bull.ca (mshields) writes:

>>>>>I believe I have the right to speak any mathematics I want. [Joe Francis]
>
>>>So do we. [Stanton McCandlish of EFF]
>
>>So EFF takes the position that folks should be able to publish the
>>mathematics governing the latest nuclear weapon designs (if one should
>>happen to get such information)? [J. S. Greenfield]
>
>What Mr. Greenfield misses here is the huge and obvious difference between
>government suppression of information which, if released, might theoretically
>cause a "clear and present danger" to society (e.g. a terrorist with a nuclear
>weapon), and government suppression of information which

[remainder omitted]


Holy Moly! How did you *ever* reach the conclusion that I was advocating
suppression of cryptography??!!

I suggest you re-read what I posted. I have suggested nothing more than
that Stanton's "So do we." is a statement that far outreaches the position
that EFF has taken regarding cryptography restrictions.


For the record, I *oppose* the ITAR restrictions on cryptography as
"munitions." I support EFF's actions. I have done some work in the
area, have even published a related monograph (LNCS 870), and look
forward to the day when I can distribute cryptography-/security-related
software without concerns over intimidating government tactics.

Jeff A Licquia

unread,
Mar 6, 1995, 6:06:15 PM3/6/95
to
gre...@lanl.gov (J. S. Greenfield) writes:

>I'm *merely* pointing out that a statement to the effect that "We believe
>that everybody should be able to speak all the mathematics they want."
>encompasses *far* more than issues related to cryptography, and is almost
>certainly far beyond any position that EFF has *discussed*, let alone
>adopted.

As long as we're beating this poor issue to death...

"Speaking" mathematics implies that the mathematics is the language used
for speaking; this has nothing to do with content. "Speaking" mathematics
therefore only involves the mathematical transformation of content. One
may allow any spoken language (including the "mathematical" ones like LZW
and RSA) yet still restrict content.

Were the EFF to say "We believe that we should have the right to tell
anyone any mathematics we want", you argument would be valid. I believe,
however, that the EFF means the statement to point to "mathematics as
language", cryptography being one of only two "mathematical languages" I
can think of (the other being compression).
--
----------------------------------------------------------------------
Jeff Licquia (lame .sig, huh?) | Finger for PGP 2.6 public key
jali...@prairienet.org | Me? Speak for whom? You've got
lic...@cei.com (work) | to be kidding!

Joe Francis

unread,
Mar 6, 1995, 11:45:00 PM3/6/95
to
Jeff A Licquia, jali...@prairienet.org writes:
>"Speaking" mathematics implies that the mathematics is the language used
>for speaking; this has nothing to do with content. "Speaking" mathematics
>therefore only involves the mathematical transformation of content. One
>may allow any spoken language (including the "mathematical" ones like LZW
>and RSA) yet still restrict content.

LZW and RSA are not "languages". You have misunderstood my meaning.

>Were the EFF to say "We believe that we should have the right to tell
>anyone any mathematics we want", you argument would be valid.

This is what I meant. I haven't seen any convincing arguments against
it, either. If I invent some mathematics, I should be able to publish
it. Period. No matter what it is.

>I believe,
>however, that the EFF means the statement to point to "mathematics as
>language", cryptography being one of only two "mathematical languages" I
>can think of (the other being compression).

EFF did not pen that statement, but even if they had, I doubt that your
interpretation would have captured their meaning.

--------------------------------------------------------------------------
"Churches should look to their members and their friends only for the
financing of their undertakings, and no church should engage in any
undertaking, no matter how laudable it may be, that its members and
friends are unable or unwilling to finance." - Sam J. Ervin, Jr.
--------------------------------------------------------------------------

It is loading more messages.
0 new messages