Re: PGP in the US (Re: formal documents)
Gregory S. Stark [EMAIL PROTECTED] wrote: It might not be legal for someone to give him PGP or explain how crypto works even while he's in the US. No, the regulations prohibit export. If he's in the US, that's not export. As you mention, even if it was a problem, it would be a problem for the exporter, not the user. [That said, if you are a cryptographer and you want to talk to people without having to get proof of their citizenship you might want to review Berstein vs. US Dept. of State...] -- Raul
Re: PGP in the US (Re: formal documents)
Hamish Moffatt [EMAIL PROTECTED] writes: This reminds me of a joke; unfortunately I couldn't track it down in a quick look on altavista and I haven't any more time to look for it. In short, a man attends several days of a trade show and each day tells a security guard that today he will steal many things and yesterday he stole many good things. He is stealing ideas. % fortune -m 'stealing ideas' (computers) % There once was a man who went to a computer trade show. Each day as he entered, the man told the guard at the door: I am a great thief, renowned for my feats of shoplifting. Be forewarned, for this trade show shall not escape unplundered. This speech disturbed the guard greatly, because there were millions of dollars of computer equipment inside, so he watched the man carefully. But the man merely wandered from booth to booth, humming quietly to himself. When the man left, the guard took him aside and searched his clothes, but nothing was to be found. On the next day of the trade show, the man returned and chided the guard saying: I escaped with a vast booty yesterday, but today will be even better. So the guard watched him ever more closely, but to no avail. On the final day of the trade show, the guard could restrain his curiosity no longer. Sir Thief, he said, I am so perplexed, I cannot live in peace. Please enlighten me. What is it that you are stealing? The man smiled. I am stealing ideas, he said. -- Geoffrey James, The Tao of Programming % I've seen the entire Tao available to download somewhere. -- Carey Evans http://home.clear.net.nz/pages/c.evans/ So, do you steal weapons from the Army often? Well, we don't get cable, so we have to make our own fun.
Re: PGP in the US (Re: formal documents)
Thanks for all. I'll use US-PGP and discard it before leaving the US. Regards. -- Kikutani, Makoto [EMAIL PROTECTED] [EMAIL PROTECTED] (Linux related only)
Re: PGP in the US (Re: formal documents)
[EMAIL PROTECTED] writes: Kikutani Makoto writes: I'm a Japanese living in the United States, but not a permanent resident. I've heared that the usage of PGP in the States by a person like me is controversial. You heard wrong. Your nationality and residency status is irrelevant. Well, not entirely irrelevant, though not really important for this case. It might not be legal for someone to give him PGP or explain how crypto works even while he's in the US. However, Japan is not exactly a big terrorist nation and this is weakest part of the whole thing as far as first amendment violations goes. The government has not to my knowedge even threatened to apply this part anywhere, and many universities with foreign grad students would line up to help defend someone prosecuted on such a basis. In any case it wouldn't be you breaking the law, but the person helping you use PGP. But really, i wouldn't worry about this, the only things the government or the patent holders are likely to worry about are export of crypto and significant commercial use of RSA, respectively. So the safe thing to do is use pgp-us while in the US, and delete it from your computer before leaving the US. (that said, i'm not a lawyer and don't blame me if i'm wrong) greg
Re: PGP in the US (Re: formal documents)
On 1998/10/04, [EMAIL PROTECTED] wrote: Kikutani Makoto writes: Yes, my PGP is an international version which was built in Japan, and I brought it in my laptop. The international version infringes the RSA patent and so the owner of the patent (PKP?) could theoretically sue you for using it in the US. All they could get is an injunction ordering you to stop, though. There is no real chance that they would bother. If you are feeling paranoid, delete your international version and install the US one. But of course I can't prove it. There is no reason why you would need to do so. The munitions export laws (unrelated to the patent issue) forbid the export of strong pgp from the US, regardless of its origin. You are safe from those as long as you stay in the US. Theoretically, you should delete pgp from your laptop before you take it home. I seem to recall that transfer of cryptographic software to a non-US citizen is already considered export in the US. IANAL. - Ruud de Rooij. -- Ruud de Rooij [EMAIL PROTECTED] http://sepc.twi.tudelft.nl/~derooij/
Re: PGP in the US (Re: formal documents)
On Sun, Oct 04, 1998 at 02:18:39PM -0500, [EMAIL PROTECTED] wrote: 3) It is a violation of US law to export any kind of pgp from the US. This is true even if you brought it here in the first place. This reminds me of a joke; unfortunately I couldn't track it down in a quick look on altavista and I haven't any more time to look for it. In short, a man attends several days of a trade show and each day tells a security guard that today he will steal many things and yesterday he stole many good things. He is stealing ideas. Remember to clear your brain of how public key cryptography works before leaving the USA ... Hamish -- Hamish Moffatt VK3TYD [EMAIL PROTECTED], [EMAIL PROTECTED] Latest Debian packages at ftp://ftp.rising.com.au/pub/hamish. PGP#EFA6B9D5 CCs of replies from mailing lists are welcome. http://hamish.home.ml.org
Re: PGP in the US (Re: formal documents)
I wrote: You heard wrong. Your nationality and residency status is irrelevant. Gregory S. Stark writes: It might not be legal for someone to give him PGP or explain how crypto works even while he's in the US. ... In any case it wouldn't be you breaking the law, but the person helping you use PGP. If the person you give the 'munition' to exports it, you may be prosecuted if the Government thinks that you had reason to believe that he might do so. Him being a non-resident alien is considered such a reason. However, if he does not export it no law has been broken. -- John HaslerThis posting is in the public domain. [EMAIL PROTECTED] Do with it what you will. Dancing Horse Hill Make money from it if you can; I don't mind. Elmwood, Wisconsin Do not send email advertisements to this address.
Re: PGP in the US (Re: formal documents)
Ruud de Rooij writes: I seem to recall that transfer of cryptographic software to a non-US citizen is already considered export in the US. No. Transfer of cryptographic software to a non-resident alien may expose one to proecution if and only if the alien subsequently exports the software. Because of this vendors of cryptographic software refuse to sell to non-resident aliens. As long as they sell only to US residents who say that they are not going to export the software, the vendors are safe from prosecution as accessories to the crime of exporting controlled munitions. I had to deal with this idiocy back in the eighties when I was building computers which may have qualified as 'munitions'. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI
Re: PGP in the US (Re: formal documents)
On Sun, Oct 04, 1998 at 11:23:52AM -0400, Kikutani Makoto wrote: I'm a Japanese living in the United States, but not a permanent resident. I've heared that the usage of PGP in the States by a person like me is controversial. I posted this qestion to some related Mailing-Lists (such as mutt-users). Someone said No problem, someone said You shouldn't use it. I'm very confused. If you brought it with you (and can PROVE it) there is probably no problem in theory. Yes, my PGP is an international version which was built in Japan, and I brought it in my laptop. But of course I can't prove it. I've considered to join Debian maintainer before. But I gave up it because the PGP problem is not clear. Just shrug and consider it a non-issue. Be sure before you return that you delete PGP from your system. You can reaquire it when you cross the borders easy enough. Importing PGP is no problem, exporting it is a big one---assuming they catch you before you're out of reach. chuckle I wouldn't worry about it till then though. pgpYqHoJsN36I.pgp Description: PGP signature
Re: PGP in the US (Re: formal documents)
On Sun, Oct 04, 1998 at 10:49:26AM -0500, [EMAIL PROTECTED] wrote: If you brought it with you (and can PROVE it) there is probably no problem in theory. It doesn't matter where he got it. It is entirely legal for anyone to use or distribute strong crypto in the US. The only restriction is on export. He is perfectly safe as long as he does not take it with him when he goes home. Many people have corrected me on this. I thought it was not acceptable for a foriegner to aquire crypto from a US citizen. That misconception has been explained. pgpCijlYM1Adh.pgp Description: PGP signature
Re: PGP in the US (Re: formal documents)
On Mon, Oct 05, 1998 at 09:57:24AM -0500, [EMAIL PROTECTED] wrote: I had to deal with this idiocy back in the eighties when I was building computers which may have qualified as 'munitions'. And remember that books are the purest form of evil and should always be burned if they have not been published by the gornenment. The current edition of the dictionary is much smaller than the last edition, and the edition they're working on will be smaller yet. You already know what happens in room 101. We have always been at war with Oceanna. Newscasters never lie and television is the purest form of entertainment. Place all of your trust in those in power. Certainly they could not have gotten there without being honest, hard working, good people could they? No of course not, don't be silly, the public would reject a corrupt leader. And remember to be home by 6:30pm, only criminals are out later than that and the hard curfew is 7pm after all. Anyone found outside after curfew is obviously a criminal and quite probably a traitor. They want to know where have you been? No, it's all right, they know where you've been. (Does it sound like I think these export policies are idiotic at the least and the sign of darker motives clad in the name of Safety and Security at worst? I thought so.) pgpB6yI6XNuvG.pgp Description: PGP signature
Re: PGP in the US (Re: formal documents)
On Mon, 5 Oct 1998, Joseph Carter wrote: On Mon, Oct 05, 1998 at 09:57:24AM -0500, [EMAIL PROTECTED] wrote: I had to deal with this idiocy back in the eighties when I was building computers which may have qualified as 'munitions'. And remember that books are the purest form of evil and should always be burned if they have not been published by the gornenment. Especially those containing crypto source code, as they can be legally exported (OCR fonts, anyone?) I don't know if anyone has tried a test case of a book which contains a uuencoded binary. Welcome to the land of the free and the home of the brave. The current edition of the dictionary is much smaller than the last edition, and the edition they're working on will be smaller yet. You already know what happens in room 101. We have always been at war with Oceanna. Newscasters never lie and television is the purest form of entertainment. Place all of your trust in those in power. Certainly they could not have gotten there without being honest, hard working, good people could they? No of course not, don't be silly, the public would reject a corrupt leader. And remember to be home by 6:30pm, only criminals are out later than that and the hard curfew is 7pm after all. Anyone found outside after curfew is obviously a criminal and quite probably a traitor. They want to know where have you been? No, it's all right, they know where you've been. (Does it sound like I think these export policies are idiotic at the least and the sign of darker motives clad in the name of Safety and Security at worst? I thought so.)
Re: PGP in the US (Re: formal documents)
On Mon, Oct 05, 1998 at 11:43:29AM -0700, Bob Nielsen wrote: I had to deal with this idiocy back in the eighties when I was building computers which may have qualified as 'munitions'. And remember that books are the purest form of evil and should always be burned if they have not been published by the gornenment. Especially those containing crypto source code, as they can be legally exported (OCR fonts, anyone?) I don't know if anyone has tried a test case of a book which contains a uuencoded binary. Welcome to the land of the free and the home of the brave. Land of the wiretapped by chickens seems more appropriate. pgpOQ96YebNq7.pgp Description: PGP signature
PGP in the US (Re: formal documents)
On Sun, Oct 04, 1998 at 12:47:45AM +0100, James Troup [EMAIL PROTECTED] wrote: Do you accept a passport as the above formal documents ? Yes. [Though if there is any opportunity to meet another developer in Good. I asked this because Japanese developers who are planning to become maintainers feel difficulty to have an international call for the real-life identity verification. BTW. I'm a Japanese living in the United States, but not a permanent resident. I've heared that the usage of PGP in the States by a person like me is controversial. I posted this qestion to some related Mailing-Lists (such as mutt-users). Someone said No problem, someone said You shouldn't use it. I'm very confused. makoto -- Kikutani, Makoto [EMAIL PROTECTED] [EMAIL PROTECTED] (Linux related only)
Re: PGP in the US (Re: formal documents)
On Sun, Oct 04, 1998 at 09:49:44AM -0400, Kikutani Makoto wrote: Do you accept a passport as the above formal documents ? Yes. [Though if there is any opportunity to meet another developer in Good. I asked this because Japanese developers who are planning to become maintainers feel difficulty to have an international call for the real-life identity verification. BTW. I'm a Japanese living in the United States, but not a permanent resident. I've heared that the usage of PGP in the States by a person like me is controversial. I posted this qestion to some related Mailing-Lists (such as mutt-users). Someone said No problem, someone said You shouldn't use it. I'm very confused. If you brought it with you (and can PROVE it) there is probably no problem in theory. I wouldn't put it past the gov't to try it, but if they do I'm sure the EFF and/or ALCU would be HAPPY to make a Very Very Big Issue out of it. Most of those who are citizens of the US who routinely export crypto or have done so in a public manner as an act of civil disobedience do so fully realizing the consiquences---but also fully realizing how silly the case is going to look when the EFF starts making press releases saying that someone was arrested for downloading a web page, then clicking a submit button to send the information downloaded back to the same server it was retrieved from.. You have to admit they'd look damned silly and it would probably look really bad for them justifying the crypto laws considering. I've participated in this. I can tell you that after 8 months, nothing has been done to me or to anyone else who has done this. I'm sure my fones are probably tapped and all that, but shrug I've always assumed that unsecure links are unsecure and that someone with enough money and power (the US gov't comes to mind) can probably crack a secure link as well. pgpOklIRhnO01.pgp Description: PGP signature
Re: PGP in the US (Re: formal documents)
On Sun, Oct 04, 1998 at 07:57:40AM -0700, Joseph Carter [EMAIL PROTECTED] wrote: I'm a Japanese living in the United States, but not a permanent resident. I've heared that the usage of PGP in the States by a person like me is controversial. I posted this qestion to some related Mailing-Lists (such as mutt-users). Someone said No problem, someone said You shouldn't use it. I'm very confused. If you brought it with you (and can PROVE it) there is probably no problem in theory. Yes, my PGP is an international version which was built in Japan, and I brought it in my laptop. But of course I can't prove it. I've considered to join Debian maintainer before. But I gave up it because the PGP problem is not clear. Thanks for the responce. makoto -- Kikutani, Makoto [EMAIL PROTECTED] [EMAIL PROTECTED] (Linux related only)
Re: PGP in the US (Re: formal documents)
Joseph Carter writes: If you brought it with you (and can PROVE it) there is probably no problem in theory. It doesn't matter where he got it. It is entirely legal for anyone to use or distribute strong crypto in the US. The only restriction is on export. He is perfectly safe as long as he does not take it with him when he goes home. -- John HaslerThis posting is in the public domain. [EMAIL PROTECTED] Do with it what you will. Dancing Horse Hill Make money from it if you can; I don't mind. Elmwood, Wisconsin Do not send email advertisements to this address.
Re: PGP in the US (Re: formal documents)
Kikutani Makoto writes: Yes, my PGP is an international version which was built in Japan, and I brought it in my laptop. The international version infringes the RSA patent and so the owner of the patent (PKP?) could theoretically sue you for using it in the US. All they could get is an injunction ordering you to stop, though. There is no real chance that they would bother. If you are feeling paranoid, delete your international version and install the US one. But of course I can't prove it. There is no reason why you would need to do so. The munitions export laws (unrelated to the patent issue) forbid the export of strong pgp from the US, regardless of its origin. You are safe from those as long as you stay in the US. Theoretically, you should delete pgp from your laptop before you take it home. 1) It is not a violation of US law for anyone to use any kind of pgp anywhere. The US has no laws restricting the use of cryptography. 2) It is not a violation of US law to bring any kind of pgp into the US. Infringing a patent is not a crime. 3) It is a violation of US law to export any kind of pgp from the US. This is true even if you brought it here in the first place. 4) It is an infringement of the RSA patent to use pgp-i in the US. You are extremely unlikely to be sued, though. 5) It is not an infringement of the RSA patent to use any kind of pgp outside the US. I've considered to join Debian maintainer before. But I gave up it because the PGP problem is not clear. Don't export it and you are safe from the US Government. Don't use pgp-i in the US and you are safe from PKP. -- John HaslerThis posting is in the public domain. [EMAIL PROTECTED] Do with it what you will. Dancing Horse Hill Make money from it if you can; I don't mind. Elmwood, Wisconsin Do not send email advertisements to this address.