anonymous services

Eric plug-discuss@lists.PLUG.phoenix.az.us
Fri, 14 Sep 2001 15:56:55 -0800 


>To be complete, this question should be "True, but would AMERICAN
>corporations that sell crypto ignore laws".  The answer to that is "no", of
>course

My initial response to this is to ask you whether Elcomsoft is going to
follow our laws  This is a Russian corporation with no US presence, but if
you are familiar with the Sklyarov case, you will know they are following
our copyright (i.e., software) laws very, very closely at this moment.


>Let's look at it from this point of view.  Say you are in the US State Dept
>and want to send sensitive information to somebody else.

You are assuming that because I may support restrictions on consumer use of
crypto, that I therefore support restrictions on US govt use of it.  I don't
know whether the State Dept. should be able to use crypto, but it is safe to
assume that I would support certain US agencies having access to crypto even
though consumers do not.

>So now lets flip the view.  The US passes a law that makes *all*
>cryptography
>have a backdoor that the NSA and FBI can use to decrypt any message.  Now
>you are in the German government... would you use this crypto?  Again,
there >is no possible way.

Well I can't worry about balancing the benefits and burdens of other
countries right now.  Right now we are debating US encrypton laws, and so
any deleterious affects it has on other governments is something that I
can't factor right now.  I know that there are some non-American national on
the list, so maybe they would like to throuw in their two cents. Or maybe
they already have.


>This is hardly idle speculation, either.  The German parliment is seriously
>considering moving to all Open Source software *mostly* because they are
>convinced that Microsoft has backdoors built into their software.

To me this is an economic issue, not one of safety.  I am not a expert on
German law and I not qualified to discuss it.


>Now say you are a terrorist or criminal.  In the global community, you have
>access to either strong crypto from "overseas" or broken crypto from the
US.
>Which would you use?

All I can say here is that you have *a lot* of assumptions built into your
argument.  Too many to deal with here.  I have been responding to the
blitzkrieg of e-mails based on my opinion for 1.5 hours.