[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: IP: Stewart Baker on US crypto regs & open source software
> >From: "Baker, Stewart" <SBaker@steptoe.com> >To: declan@well.com >Subject: RE: How US crypto-regulations affect open source software >Date: Sat, 27 Nov 1999 14:45:08 -0500 >: > >Declan, > >John Gilmore's posting should be persuasive to anyone who accepts his view >that the US does not belong on a list of "free countries". The rest of us >can afford a more balanced assessment of the draft rules. > >First, it is significant -- and praiseworthy -- that the rules on public >source go much further than the September announcement, which said there >would be no changes in the source code rules. Contrary to the weird press >spin that accompanied the draft rules, this is a pleasant surprise in rules >that otherwise by and large deliver just what the Administration promised in >September. > >Second, John is wrong to jump to the conclusion that the rules would forbid >anonymous downloads because of the possibility of downloads to >terrorism-supporting nations. That has been the rule up to now (if you >can't resolve the downloader's domain to the US or Canada, you don't >authorize 128-bit downloads), but this latest liberalization changes the >landscape dramatically. There's an argument that no screening of domain >names is required at all for retail products, and even for those who are >more conservative about how to read the regs, it's highly unlikely that >sites are required to do anything more aggressive than policing for stray >downloads to .ly (Lybia's domain -- Qadaffi is clearly missing a big >commercial opportunity in not offering to sell domain names like >deliver@quick.ly). > >Finally, while I tend to agree with John that the regs' effort to assert >jurisdiction over products made with US public-source crypto is a doubtful >idea, I do so for the opposite reason. It's not that the limitation will >become the engine of vast assertions of US power; it's that the limit isn't >enforceable in any plausible way. John is worrying about some future in >which crypto export rules suddenly tighten -- running counter to a >twenty-year trend -- and other countries are willing to accept US assertions >of extraterritorial jurisdiction. In that Bizarro universe, however, >open-source products are already at risk. The US could make a plausible >claim today that SSL, RSA, RC-4, and numerous other technologies have enough >US origin to allow the US to retroactively control the export of products >containing those technologies. But that's not a claim the rest of the world >would accept or enforce and so it will not be asserted. The scenario >painted by John Gilmore is equally unlikely. It is plausible only to those >who can't sleep at night if they get too much good news all at once. > > >Steptoe & Johnson LLP >phone -- 202.429.6413 >email fax -- 202.261.9825 >main fax - -202-429-3902 >sbaker@steptoe.com > > > > Baker, Stewart A. (E-mail)4.vcf > > > >-------------------------------------------------------------------------- >POLITECH -- the moderated mailing list of politics and technology >To subscribe: send a message to majordomo@vorlon.mit.edu with this text: >subscribe politech >More information is at http://www.well.com/~declan/politech/ >--------------------------------------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC