Re: Export laws revisited

Jeff Simmons (
Wed, 30 Apr 1997 21:31:47 -3100 (PDT)

> This is all pretty much moot until we consult
> a lawyer, but if someone wants to go ahead and
> take whatever risk there is in making the client
> internationally available, the following section
> from the export comment (available on Rocke's page)
> might be of some encouragement:


> So it seems like current export guidelines are based not on the ideas
> conveyed, but on encryption functionality. Since the clients distributions
> are just binary which can't do anything but participate in this search,
> even if someone extracted the algortithm from the machine code, that
> would just be "informational or theoretical value" and ...
> Opinions?

Look, guys, the ITAR/EAR restrictions are based on some pretty weird
stuff. Since we're dealing with foreign soil, the Constitution and the
Bill of Rights DO NOT APPLY.

EAR is NOT a law. It's an administrative directive. Basically, it means
whatever the enforcing agencies BELIEVE it means.

No one has (to my knowledge) ever been prosecuted for exporting crypto
under the ITAR/EAR (Phil Zimmerman was persecuted and investigated, but
never CHARGED). But many people have been visited by men in trenchcoats
and mirrored sunglasses and told that they'd BETTER take that crypto
software off their ftp sites, or Uncle Sam will be VERY pissed off.

When you get to the point where exporting an IDEA to a friend outside
of the U.S. borders is illegal, we've gone WAY past logic. Trying to
poke logical holes in the ITAR/EAR regulations is a waste of time.

My opinion. You asked.

Jeff Simmons

Hey, man, got any spare CPU cycles? Help crack DES.