Just got back from vacation in a low tech wilderness (the BWCA) and I
didn't have a chance to pass this on sooner.
Just before I left (Friday June 18) I met Senator John McCain at SCC's
offices in San Jose. We talked about export controls. I went through the
usual explanations and analogies to explain why export controls don't work,
and described the tribulations of companies trying to build competitive
products in a global marketplace. I pointed out that foreign vendors have
produced over 100 products that provide strong crypto already (the report
by Balenson et al), so it's only a matter of time before strong crypto is
pervasive worldwide. We even noted that weak crypto creates another Y2K
problem (McCain is pushing his Y2K liability bill really hard at the moment).
McCain replied by stating his problem this way: he's sitting across the
table from the Secretary of Defense, the CJCS, and the other leaders of the
national security community, and they tell him encryption exports will harm
national security. What can he say in response?
Our suggestion was to pose a question back to them: given the presence of
strong crypto products overseas already, what steps are they taking to deal
with the national security implications of those products? They have to
start thinking about how to operate in a world with strong crypto instead
of trying to hold back the tide.
Will Rodger's article suggests that McCain is getting the idea, at least
regarding export controls.
Rick.
[EMAIL PROTECTED]
