>Encryption software can be used to maintain the secrecy of
>information, and thereby may be used by persons abroad to harm national
>security, foreign policy and law enforcement interests. As the
>President indicated in E.O. 13026 and in his Memorandum of November 15,
>1996, export of encryption software, like export of encryption
>hardware, is controlled because of this functional capacity to encrypt
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>information on a computer system, and not because of any informational
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>or theoretical value that such software may reflect, contain, or
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>represent, or that its export may convey to others abroad. For this
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>reason, export controls on encryption software are distinguished from
>other software regulated under the EAR.
So it seems like current export guidelines are based not on the ideas
conveyed, but on encryption functionality. Since the clients distributions
are just binary which can't do anything but participate in this search,
even if someone extracted the algortithm from the machine code, that
would just be "informational or theoretical value" and ...
Opinions?
-Ethan O'Connor