Tim May wrote:
>
> Fourth, and this is a serious question, not a rhetorical one: What the hell
> ever happened to the movement to develop offshore and them skirt U.S.
> export laws thusly? Remember how RSA had created a European branch would
> would supposedly develop RSA-type softwar and then throw it in the face of
> Uncle Sam? This was about two years ago, as I recall. And remember NTT and
> their RSA chip, which Jim Bidzos held up in front of Congress as a slap in
> their face?
I don't claim to have any inside knowledge of what has happened with
RSA, Sun and other companies with offshore crypto operations. I suspect
that any U.S. company is going to have to deal with threats from the
federal government concerning "good/happy/profitable relations" between
that company and the government.
Sun sells huge amounts of hardware and software to the federal
government. Are they willing to give up that business? Do they want the
IRS, SEC, DOC and other agencies to be looking for ways to obstruct
their business operations?
Do you see any cellular/PCS companies offering strong encryption to
their customers? They all caved when the feds suggested that it wasn't a
good idea. So we get no encryption or encryption that can be cracked by
an amateur cryptanalyst with a PC.
What does a U.S. company do when the NSA suggests modifications (a la
Crypto AG) to their software that compromise its security?
I believe that if we are ever going to see good encryption software for
the masses, it is going to be from open source projects, not from
commercial vendors selling binaries.
