[1677] in cryptography@c2.net mail archive
Re: Legislation is useless
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Wed Oct 1 15:32:38 1997
To: Phil Karn <karn@qualcomm.com>
Cc: cryptography@c2.net
From: Marc Horowitz <marc@cygnus.com>
Date: 01 Oct 1997 15:18:21 -0400
In-Reply-To: Phil Karn's message of Tue, 30 Sep 1997 20:05:38 -0700 (PDT)
Phil Karn <karn@qualcomm.com> writes:
>> We already have two excellent examples of highly successful grassroots
>> crypto projects: PGP and SSH. Both were originally conceived by lone
>> individuals with a vision (Phil Zimmermann and Tatu Ylonen),
>> implemented with enthusiastic volunteer help and made freely available
>> in source form on the net where they became de-facto Internet
>> standards as the "official" efforts (PEM, TLS and IPSEC) languished in
>> an increasingly OSIfied IETF. There's no reason to believe that this
>> sort of thing can't happen again.
I don't believe PGP or SSH has as many users as TLS does. This is
probably because Netscape had the financial resources to play the
export game, and was willing to compromise on crypto strength.
PGP is available full-strength around the world. Early versions got
out of the US because they were smuggled out. Later versions got
there on paper and were scanned. Neither is a very good business
model, and for any of these systems to become truly ubiquitous, they
will need commercial backing. (I'm suddenly reminded of the time I
spent in the Museum at Checkpoint Charlie in Berlin after IETF, and
how it documented the escalation of the East German people vs their
government, as the people tried to escape. The PGP situation is
disturbingly similar. Fortunately smuggling out crypto will never
require the measures to which the East Germans were forced to resort.)
SSH is not made in the US, so our silly rules don't matter to Tatu
like they did to Phil.
Right now, crypto is something cypherpunks use. Sure, other people
use it too, but until it becomes something *everyone* uses, it will be
possible for the government to try to limit its use.
I'm not going to stop hacking crypto, but I'm not going to stop being
cynical, either.
Marc
