From owner-freebsd-security  Thu Nov 14 23:37:26 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id XAA22421
          for security-outgoing; Thu, 14 Nov 1996 23:37:26 -0800 (PST)
Received: from bitbucket.edmweb.com (bitbucket.edmweb.com [204.244.190.9])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id XAA22416
          for <freebsd-security@freebsd.org>; Thu, 14 Nov 1996 23:37:23 -0800 (PST)
Received: (from steve@localhost) by bitbucket.edmweb.com (8.6.12/8.6.12) id XAA00828; Thu, 14 Nov 1996 23:36:31 -0800
Date: Thu, 14 Nov 1996 23:36:25 -0800 (PST)
From: Steve Reid <steve@edmweb.com>
To: pgiffuni@fps.biblos.unal.edu.co
cc: freebsd-security@freebsd.org
Subject: Re: Secure RPC revisited
In-Reply-To: <328C221D.44A4@ingenieria.ingsala.unal.edu.co>
Message-ID: <Pine.BSF.3.91.961114225539.783A-100000@bitbucket.edmweb.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Content-Transfer-Encoding: QUOTED-PRINTABLE
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> Well, there=B4s another solution, you can telnet to Canada, or another
> part of the free world, and write your encryption there. Technically
> speaking you are not exporting the software,=20

Technically you _are_ exporting it over the telnet connection. Of course,
if you use Ssh instead of telnet nobody will know. :)  I am not a lawyer
but it seems to me that ITAR applies to whatever the anti-crypto powers
want it to apply to. The "crypto hooks" part is so broad that it could
potentially allow a piece of wire to be considered a munition since you
could plug crypto into it (same as plugging it into crypto). The
anti-crypto forces are somewhat limited in what they _do_ prosecute,
because if they prosecute something stupid the law could be thrown out on
constitutional grounds.=20

> but then Walnut Creek, Netscape, IBM and the others should follow
> OpenBSD and move their headquarters to Canada.=20

I may be mistaken, but I think taxes are quite a bit higher up here.=20

The US crypto export matter is currently before the courts. Hopefully the
courts will decide that crypto-related parts of ITAR are unconstitutional.
There's also the "Pro-CODE" bill trying to get through Congress, but I
guess the courts will probably be where it's won, just like with the CDA.=
=20

> Is it posible to have a Blue Ribbon Campaign part II, to liberate free
> software from "US military masterminds"? I=B4m sure many US companies are
> having the same problem with their software and would support such a
> campaign.

There's the Golden Key Campaign. See http://www.privacy.org/ipc/=20