From owner-freebsd-security Thu Nov 14 23:37:26 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA22421 for security-outgoing; Thu, 14 Nov 1996 23:37:26 -0800 (PST) Received: from bitbucket.edmweb.com (bitbucket.edmweb.com [204.244.190.9]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id XAA22416 for ; Thu, 14 Nov 1996 23:37:23 -0800 (PST) Received: (from steve@localhost) by bitbucket.edmweb.com (8.6.12/8.6.12) id XAA00828; Thu, 14 Nov 1996 23:36:31 -0800 Date: Thu, 14 Nov 1996 23:36:25 -0800 (PST) From: Steve Reid To: pgiffuni@fps.biblos.unal.edu.co cc: freebsd-security@freebsd.org Subject: Re: Secure RPC revisited In-Reply-To: <328C221D.44A4@ingenieria.ingsala.unal.edu.co> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Well, there=B4s another solution, you can telnet to Canada, or another > part of the free world, and write your encryption there. Technically > speaking you are not exporting the software,=20 Technically you _are_ exporting it over the telnet connection. Of course, if you use Ssh instead of telnet nobody will know. :) I am not a lawyer but it seems to me that ITAR applies to whatever the anti-crypto powers want it to apply to. The "crypto hooks" part is so broad that it could potentially allow a piece of wire to be considered a munition since you could plug crypto into it (same as plugging it into crypto). The anti-crypto forces are somewhat limited in what they _do_ prosecute, because if they prosecute something stupid the law could be thrown out on constitutional grounds.=20 > but then Walnut Creek, Netscape, IBM and the others should follow > OpenBSD and move their headquarters to Canada.=20 I may be mistaken, but I think taxes are quite a bit higher up here.=20 The US crypto export matter is currently before the courts. Hopefully the courts will decide that crypto-related parts of ITAR are unconstitutional. There's also the "Pro-CODE" bill trying to get through Congress, but I guess the courts will probably be where it's won, just like with the CDA.= =20 > Is it posible to have a Blue Ribbon Campaign part II, to liberate free > software from "US military masterminds"? I=B4m sure many US companies are > having the same problem with their software and would support such a > campaign. There's the Golden Key Campaign. See http://www.privacy.org/ipc/=20