U.S. May Kill Open Source Crypto Export Regs

Snord wrote in with a link to a news.excite.com article about how the government may consider relaxing export controls on open source crypto, not just on commercial closed-source stuff. And the judiciary may make the entire issue moot anyway. Quote from the story: "A three-judge panel of the U.S. Court of Appeals for the Ninth Circuit ruled in May that the source code export limits were a violation of the First Amendment's free speech guarantee, but the decision is being reviewed by the full appeals court." (More Below)

Update: 10/20 08:04 by michael : Note that there's no real reason to believe the export of source code will be permitted under the new regulations - there's been no indication of that whatsoever, rather the "relaxations" have been only on compiled code, and only in very specific situations designed to appease certain specific industries. (Every time the press reports another "relaxation", you might think suddenly crypto is free. Au contraire.) The DOJ has already had an eight-month delay earlier in the Bernstein case when the rules were changed previously (which had no effect on the case); the plaintiffs are arguing that the DOJ shouldn't be allowed to stall any further. Essentially there's a shell game going on, with the government shuffling the crypto ball around under the cups and daring Bernstein and the other litigants to find it.

Why? More like, why not?

[drox]

Why on earth would the release the crypto to be freely available? Why? They would not be able to read our emails, our files, or whatever anymore.

But they (supposedly) can't do that now. 'mericans are allowed strong encryption; it's the export of it (from the U.S.)to other countries that's verboten. But other countries have clever people too. And they can come up with their own versions of stong encryption, resistant to U.S. codecracking.

Alternately, someone in the U.S., in violation of the law, can export strong encyption. The law doesn't stop the export of strong encryption - it just criminalizes it. Once the law is broken and strong encryption gets outside the U.S. borders (what borders? this is the 'net!) all bets are off. The law, at this point, only penalizes the law-abiding citizen.

In answer to the question of why "they" would allow the export of strong encryption... they'd allow it because "they" have already lost, and they know it. Legalizing it would allow the law-abiding to have what the criminals already have.

Re:Patented speech?

[Anonymous Coward]

Here's my opinion, but I'm an engineer and a programmer, not a pin-headed lawyer. You can't patent source code, you patent the allegedly new principle behind the program. If you could and did patent the source code, the source code would be public knowledge. Compiling it would be illegal without a license, but enforcing this is almost impossible. See, patent law makes the details of the invention public, but restricts the implementation of this principle in a working system. It gets a bit more interesting if you re-phrase the question: is source code or other speech implementing a patented principle an "implementation" of the principle. If so, copying source code would be a patent violation just like dis-assembling and copying a Buick. (Assuming something in there was really new enough in principle to be an invention.) I think that C or FORTRAN source code is not yet an implementation. It doesn't do anything until you compile it. However, Java or Basic can be interpreted without compilation so it is an implementation... I've written myself into a corner here, can anyone think of a way out? Out in the real world, software vendors lay on all the patent and copyright protection they can get, and then they add a "software license" which allegedly is a contract between the vendor and user giving the vendor all the rights they can't get from patent & copyright law. So when you clicked OK on the license agreement, you just contracted not to do anything with that CD the vendor doesn't want you to. One more quibble about the "software license": Normally you do not read it in the store, it would cover all six sides of the box. So you first see it after you take the software home. So it is a contract only if you have a reasonable chance to take the software back and get your money back. Which some people tried to do with MS Windows sold with new computers a few months ago, and I don't anyone got a refund. MS wouldn't issue the refunds directly, and the computer manufacturer's claimed that they couldn't get their money back from MS so...no refund.

It would stop Microsoft moving their crypto labs

[Morgaine]

That possibility isn't necessarily being suggested on high moral or commonsense grounds. It may be driven mainly by the desire to prevent Microsoft from moving their crypto development labs abroad, eg. to the UK as was suggested by Gates' recent hob-knobbing with the British PM.

Re:Source code in a book

[alexhmit01]

Basically, the law covers binaries and machine readable instructions. The reason for this is that books are a sacred cow, and if the gov't went after books, the whole scheme would collapse.

Arguing the source code = free speach is an interesting but unclear argument. A cryptographic binary would clearly not be speach, so it could be regulated as a munition. However, the source code is readily compilable into that executable, so where is the distinction? That is the argument for the regulation of machine readable code. Allowing source code as speach but not binaries would be ludicrous.

However, a book with algorithms in it is clearly not excryption for a computer, is it? Regulating a book is dangerous, and the courts protect "the press" really well. If someone was to stand on a soap box explaining encryption, the government would have a difficult time censoring him (legally), and when it is put into a book, they have the same issues. However, in a machine readable format, it can be argued that it is the same as the binary, and electronic data is less protected in the courts than press/speach (see the laws regulating television and radio).

What makes this interesting is that the justification for radio/tv restrictions was that the radio spectrum was a public good with limited capacity, so it was necessary to insure that it was used for the good of the people, while speach and the press are unlimited...
i.e. my printing a newspaper doesn't prevent you from doing so, but if I grab the last channel, you're SOL

Unfortunantly, this screwy standard was appearing to be applied to the Internet, afterall, it applied to cable which was not using a public good (although as regulated monopolies...), but the courts are realizing that the Internet appears to be the extreme of the speach/press, where everyone can publish and not get in the way of others.

The current US restrictions, while well intentioned, are a little silly. However, contrary to what /.'s thing, there is no limitation on key sizes domestically.

The reason for the 128 bit limit is that it is good enough to prevent cracking with current technology, and we like our current 128-bit algorithms. In a few years, when it is insufficient, we'll move to 256 bit keys with the algorithms modified appropriately. I've used 1024-bit keys, but those are usually only used in less secure algorithms, so they are about the same to crack as a 128 bit.

The US Government was well intentioned, as encrypted data made a HUGE different during WWII. Right now, encryption is pretty well known, and there is nothing unique in the US right now. The US Gov't should concentrate on getting a Quantum Computer instead of this nonsense.


The encryption limits are a red herring. Everyone knows that they are retarded, but it allows negotiation. It is VERY important to US Software firms, but they are making several other demands, more H-1B Visas, no Net taxes, etc. As a result, this makes a nice bargaining tool, and the Administration is able to give in to their demands slowly. As a result, they hold on to their cards as long as possible.

Patented speech?

[oren]

... these issues ultimately hinge on whether source code is speech ...

Suppose they are ruled to be "speech". This raises an interesting question... Can "speech" infringe on a patent? ("Speech" can violate copyright, but that's a separate issue.)

Imagine being able to patent rhetoric... Politicians would have to have an army of lawyers clearing their speeches for patented rhetorical techniques (or computing royalties for it). Independent candidates would be weeded up even faster then today.

Yes, of course, the tried and true "answer on an unrelated subject", "ad hominem attacks" and so on have well established prior art. But the patent office will be hard pressed to rule out specific enhancements. The havoc we have for software patents would be mild by comparison.

Even better - imagine that legal techniques would become patentable (this has been suggested before, I know, but patenting "speech" lends it more credit). Lawyers would need lawyers to avoid paying royalties on cross examination techniques.

There's the chance this spectre will make lawyers and politicians to amenable to renouncing software patents (and business practice patents) on first amendment grounds.

Of course, given that the lawyers and politicians interpret and make the law, chances are that "speech" would be patentable if and only if it doesn't give them any headaches :-)

Re:The stupid law, the paranoids and TRUE LIBERTY

[Steve B]

It's only relatively recently that the U.S. government has decided that satisfying its curiosity about its own citizens' affairs is more important than protecting their liberty.

I had no idea that history education had deteriorated quite as far as this. The U.S. government has been engaging in such abuses, insofar as they could get away with it, from the early days of the Republic (look up "Alien and Sedition Acts" sometime, and for extra credit study the actions of Attorney General Palmer).
/.

Re:Some questions

[weloytty]

From what I understand, US users are not allowed to use PGPi because of patent restrictions on RSA, NOT because "in the US everyone was limited to 128bits". The US has a very 2 faced policy: use whatever you want (PGP Key lengths of 4096 bytes are not uncommon), you just cant take it out of the country.

How to outlaw crypto w/o violating constitution.

[Anonymous Coward]

The way to outlaw some constitutionally protected right is to levy so many requirements on it that it becomes practically impossible for anyone to make themselves compliant enough to be able to execrise that right. Some related real life examples:

Mining in Colorado. Mining cannot be outlawed in Colorado because Fed regs supercede CO law. However, Colorado, who controls the issuance of new mining permits, has set up their system in such a way that for anyone to actually doo all the environmental impact studies, surveys, reports file the paperwork, undergo the hearings, do the required analysis, etc. is estimated to require 400 years to complete. Is mining in CO legal? Yes! But in reality it has been stopped. The only way do mining in CO is to buy an existing mine that was operating before the new rules took effect as they are grandfathered in.

WRT guns, many states and cities require permits to own guns. THat permit process can be made exhorbinantly difficult to complete (look at getting a CCW permit in Los Angeles County). Proposed legislation in many places will require trigger locks on guns. Canada requires guns and ammo to be stored in separate LOCKED boxes maing their quick access for defense useless. None of this "outlaws guns". That would be unconstitutional. Gov't just wants to set up so many hoops for you to jump through to exercise that right, that you'll give up in frustration. Gov't wins its gun ban without banning guns.

The same can be done with crypto. Be afraid. Be very afraid. The battle is far from over.

Quantum Computing

[Turnip Demon]

I'm guessing that the US Gov't is concentrating on getting a Quantum Computer. Would you expect them to tell us about it?

We need both

[Gleef]

We need both the court ruling and the relaxation of regulations. The relaxation of regulations might very well not cover source code by the time it actually appears. On the flip side, the court ruling definately will not cover binaries, it would only open source code as speech.

----

Re:Keyword is *may* change...

[Dr.Evil]

While that's true, unfortunately, this news does have a bearing on the case*. Any party who brings suit in court has to have standing to sue - the defendant must be accused of a specific harm against the plaintiff. If it can be shown that the harm no longer exists (the US Gov't no longer restricts source code exportation), the plaintiff loses standing and the case is dismissed.

What the DOJ is arguing is that the specific charge might no longer exist if the export rules are changed, which is true. From that standpoint, it might be better if the rules don't change before the case is decided...

* Keep in mind, IANAL.

Re:Some questions

[Anonymous Coward]

Other countries don't have these strang regulations, it would only take 1 copy in anothe country to make it available to everyone.

The issue isn't availability, it's ubiquity. The administration knows as well as you or I that any intelligent person can go ahead and download GPG, SSH, or any of a number of strong crypto products.

What they're trying to prevent is the automation of this process: if every email client shipped with strong crypto enabled by default, they could no longer take advantage of people who misconfigure their systems, forget to use PGP, or simply don't know how easy email snooping is.

Are there any Open Source crypto systems that exist, but are only available in the US? I don't think so...

And the reason that so few open source crypto systems are developed in the US is that the developers know that their work can't be exported.

In fact, because of the "No hooks" clause, it can be quite complex for any international open source effort that incorporates US coders to make a secure application. For instance, if GNOME wanted to include PGP hooks in their email client, they'd need to supply the crypto code in a non-US patch. RedHat couldn't include the secure version on their regular CD's. US developers who wanted to hack on the mailer would need to make sure that they tested their patches with the crypto code enabled, but couldn't put snapshots on the web.

In short, the current system doesn't stop people from getting crypto, it makes it highly inconvenient for developers and distributers to integrate crypto into open systems.

Which is exactly what the 'they' wants.

Re:Source code in a book

[Chandon Seldon]

There was a ruling that speach over the internet was equivilent to written speach... I believe the case was "Reno vs. the ACLU" - Therefore if you made a copy of the PGP book avalibable as a computer file....

Re:Keyword is *may* change...

[osterby]

Not only that, considering source code as speech would also serve to move software from the realm of patents into the realm of copyright where it makes a bit more sense to put it.

See patent law for programmers [slashdot.org] discussion.

Re:How to outlaw crypto w/o violating constitution

[Xenu]

Another favorite trick of the feds is to tax it to death. This was done to certain weapons by the National Firearms Act. Something similar was done to marijuana, although I think the crime was not paying the tax.

more lies from the government

[sboss]

Why on earth would the release the crypto to be freely available? Why? They would not be able to read our emails, our files, or whatever anymore. The problem is that finacial transactions (either credit card purchases, on-line banking, etc) needs to be secure but it is hard to be secure when you can't have real crypto. I really hopes that it happens, but I will doubt it til I see it.

Scott


Scott
C{E,F,O,T}O
sboss dot net
email: scott@sboss.net

Re:Outlaw?

[eries]

..... Wake up Neo. Bill has you. Follow the black penguin.

Congrats, Deadcat. You win the best /. tagline contest. Hats off to you...

Re:Patented speech?

[Analog]

So you first see it after you take the software home. So it is a contract only if you have a reasonable chance to take the software back and get your money back.

I was reading a court decision regarding this a while back (it was on the 'net, don't remember where) and according to the judge in that case it's only a viable contract if the terms were visible on the package at the time of sale. If the contract is inside the package (as with most EULA's), unless you open the package and read it before handing the clerk your money, the EULA isn't valid.

As with all things lawyerly though, I'm sure it only applies in that place at that time with the moon in that position...

Re:Funny....

[radja]

It is a right, but sometimes rights need a little help. I have a right to live, but I still would like the government to protect that right by cracking down on would-be murderers.

//rdj

Re:It would stop Microsoft moving their crypto lab

[radja]

frankly I don't care exactly why a good thing happens. For all I care they allow crypto to allow Bill Clinton to hide his affiliation with the KKK.
(no, he most probably isn't affiliated to the KKK, branch davidians, or nazi-scum campaigning for a hunting season of black people). The important thing here is that a good thing happens.

//rdj

And there was much rejoicing.

[Xerithane]

I can't say how please I am that there is finally someone in the judiciary system that still knows what the first amendment is.
Freedom of speech, unmoderated, unregulated, and uncensored is our right -- and now we are getting it back!
If this actually goes through I hope everybody uses it to the fullest potential. Don't let it go to waste -- it may get revoked and we may have to submit to a big brother system, be vocal about it. It's a good thing, and let them [government entities] know that.
-= Making the world a better place =-

It's about damn well time.

[7card]

I think it is about damn well time.

C|Net's reporting it, too

[JamesKPolk]

*Just* as I get done submitting this puppy, up it goes! Oh, well...

Clinton, and his army of spooks see themselves in a real pickle here. On one side, they have the First Amendment hindering their nefarious plotting, and on the other side they have a raving band of open source zealots doing the unthinkable: sharing!

On one side, their laws are being exposed as unconstitutional, and on the other, the spread of PGPi, OpenBSD, adn such are making the laws moot.

I'd throw in a comment about Clinton's place in history, but it'd probably get me moderated down. :-)

*If* it happens, very good...

[Anonymous Coward]

This would be a very good thing if it happens, and happens right. We may finally get linux (and *BSD of course) distros that come very secure straight out of the box, without having to jump through all the hoops like OpenBSD does, or keep packages on a non-us server like Debian.

On top of that, the potential for unencumbering software like Mozilla is exciting.


mmm... standard 128+ bit browsers, standard (Open)SSH, no more telnet...

I just hope it is this unregulated. Of course there's still the concern of binary limitations, which to my understanding have only been slightly lifted for commercial entities with the "blessing" of big bro.

Thank god

[dan.c]

Living in the UK, its horrible watching you guys over the pond being able to have all that stuff, now we may actually have a chance!!!!

yahooooo

Re:And there was much rejoicing.

[Sun]

Now if only Israel came to a similar conclusion, I might actually be able to use those things.

The stupid law, the paranoids and TRUE LIBERTY

[Taco Cowboy]

It was a stupid law to begin with, and it was the product of the paranoids in the US government.

Instead of trusting the people of capable to take care of themselves, those paranoids, well-meaning or not, decided that it is better to "Prevent the people from hurting themselves.

The day the US government is not rid of those paranoid, the day the US people do not get to enjoy TRUE LIBERTY.

Not moot by a long shot

[NatePuri]

I spoke with Bernstein's lawyer a few days ago and while she was very optimistic that the 9th Circuit would find in her favor again, she was worried about the over all landscape of the crypto laws because the Circuit court in Ohio will hear another case involving a law professor's request for a BXA license to teach his students (Junger v. Daley).

There the Northern District of Ohio upheld the BXA's denial of a license. Now it is on appeal. If the federal appeals court in Ohio affirms the district court's holding, we will have a split of opinion in the federal courts. This means that one circuit would hold that source code is speech and another would hold that it's not. Then we would have to see if the Supreme Court would resolve this split. It may not, then we would have disparate laws in the various federal jurisdictions.

In addition, even if the Clinton Administration revamps its rules the issue would persist whether any licensing scheme regulating the publication of encryption source code would violate of the 1st Amendment. The specific issue is whether the requirement that license approvals must be finalized by the president are an arbitrary prior restraint on free speech and violative of the 1st Amend. The general issue is whether any licensing scheme that regulates source code of any kind is a prior restraint on free speech and a 1st Amend violation.

Both of these issues ultimately hinge on whether source code is speech. And we already have one court saying it is and another saying that it isn't.

The ray of hope in all of this is that if the Supreme Court does eventually get to resolve this split in all likelihood it will find that source code is speech and give it full 1st Amend protections. The reason for this is that we have an exceptionally conservative bench that tends to employ a literalist textual method of interpreting the constitution. They will hold that any prior restraint must meet the strictest scrutiny; the government can only restrain speech when it is in the country's imminent national security interest where they know immediate harm will occur to our security if the speech is not restrained.

Source code will never meet this test unless the code is 'how to destroy our financial networks' or something like that (IOW software as a weapon). Encryption can always be used for non-harmful purposes so it will not fit the S.Ct.'s strict scrutiny standards.

I plan on attending the Bernstein Appeals hearing in December. If anyone is interested in attending with me, email me and I'll let you know when and where. It's in San Francisco. I can also find out the locations for the Junger hearing in Ohio; there's also a crypto case called Karn in D.C. I can find out the details of that as well. We should all go to these hearings and make a show of support for the 'source code is speech' platform.

Re:Some questions

[Anonymous Coward]

The point is they don't want everyone using strong crypto because it will foil their thought control techniques. They might be able to crack a few messages in real time, but if the whole world gets rolling forget it. So it doesn't matter that much if a few thousand nerds use it. They don't want Joe Blow using it and creating cover traffic.

Source code in a book

[Lucius Lucanius]

I remember browsing in '95 a crypto book (PGP, I think) with a nifty preface, in which they describe how the book contains the entire source code in a format ideal for OCR scanning. This was because even though the compiled binary was illegal for export, the *book* with the source code was a book, and thus could not only be exported but contain guidelines for scanning and compilation to create the final product.

Rather schizophrenic situation, and ironic to boot, esp. since the binary is considered a "munitions" product. Just about the entire book consisted of only source code - can't remember what it was. I guess there are subtle legal differences between exporting a book w/ source code vs. posting the source code for download.

BTW, when Phil Zimmerman of PGP won a legal case against the FBI, a govt. agent asked him how he felt. His answer - "Pretty Damn Good".


L.

Outlaw?

[Dreadcat]

But lets face it, it feels sort of GOOD to use
"illegal" software, doesnt it? :-)

"GNU privacy Guard - for that underground feeling"

I'll believe it when I see it.

[Admiral Burrito]

Yet another promise in a long line of promises.

Most of the past promises have been "kept", sort of. The export regs have been changed but never enough to actually free strong crypto.

The government always has, and still does, consider widespread strong encryption to be their enemy. That's something very fundamental, folks. They're not going to free crypto until there is a fundamental change in their thinking.

We're going to see many more promises of relaxed regulations before we see any real change.

Personally, I think that when 100% of the world's communications are strongly encrypted, we'll still be hearing promises of relaxed export regs.

File this one under "vaporware".

Re:Some questions

[Lion-O]

1. Who hasn't got / can't get crypto anyway?

My guess would be mostly companies who also have their contacts in the US and rely on encrypted communication. This is due to the fact that as long as you want to communicate with people from inside the US you'll have to lower the encryption bitcode to 128, which immediatly brings me to your next question;

2. Are there any import restrictions for strong crypto?

As far as I know there are, or there were to be more precise, but to a certain extend. I'm into PGP for quite some time now (started using it on FidoNet back in '93 / '94 I believe) and I can remember that we once had PGP which was "smuggled" out of the US using the book which another /. mentioned and finally there was some Fin (not 100% sure here) who actually started scanning the critter in order to compile it. That process took him several weeks (some people also have a social life ;-)) but when he was done the result was pgp 2.xi (international version) which was compatible with the US to some degree. However; pgpi could also be used in a way that it wasn't compatible with the pgp in the US. Afaik this was due to keylengths

However; all the documentation clearly stated that residents of the US were legally not allowed to use pgpi since it could handle over 1024 bit keys while in the US everyone was limited to 128bits. So basicly you don't have any import restrictions but since I can't see why anyone outside the US would settle for 128bit keys I think you could label this minor restriction as a major one when it concerns importing.

Funny....

[jaqbot]

I thought free speech was a "right"...not just a guarantee. Sounds like a shifting paradigm. :) It's kind of scary to see how people refer to things which are so fundamental to our daily lives. Almost scary.

Some questions

[niven]

1. Who hasn't got / can't get crypto anyway?
As in: Other countries don't have these strange regulations, it would only take 1 copy in another country to make it available to everyone.
Are there any Open Source crypto systems that exist, but are only available in the US?
I don't think so...

2. Are there any import restrictions for strong crypto?
It would truly be weird if the rest of the world has strong crypto but the US hasn't, especially when it's OS and free to download...

Chris

Re:Thank god

[Brian the Bold]

Er... what?

We already have access to it, and there is no restriction on the export of intangibles from the UK (yet).

Granted the UK government is attempting to pass some laws with draconian clauses concerning encryption keys, but they have not done so yet and there is a lot of opposition!

In other news....

[delld]

... reliable sources from inside the white house have leaked information the the government will soon be easing export regulations on encription. Specifically rot13 will now be able to be exported to Canada. Our sources tell us that this easing is to promote the internet in lesser developed countries.

-- If it ain't the whole horse - it ain't worth nothing.

We in the UK are better off!

[Paul Crowley]

In practice, we can get all the crypto we want (look at the Debian non-US stuff) but we can also export it freely; I have source code for my algorithms on my Web pages. Wasenaar may change this but at the moment it looks like it won't.
--

Re:The stupid law, the paranoids and TRUE LIBERTY

[Daffy Duck]

No, it wasn't a stupid law to begin with. It's only been a stupid law for two or three decades due to the wide public availability of crypto technology from academic sources.

Circa WW2, when crypto was almost exclusively a military tool, it made a whole lot of sense to include it in a list of technologies that would directly threaten the U.S. if they were to get overseas. The point was that enemy nations could directly harm us good guys if we were unable to crack their codes. (See any number of texts on how cryptanalysis changed the course of the war.) It had nothing to do with U.S. citizens' ability to use encryption domestically. It's only relatively recently that the U.S. government has decided that satisfying its curiosity about its own citizens' affairs is more important than protecting their liberty.

Laws take a long time to change. This is good. Because once these stupid regulations are eliminated, you don't want the next boneheaded fascist administration to be able to just put them back at their whim.

What does Linux have to do with this?

[dbaker]

Although the article is quite interesting and encouraging for those of us that would like to see more relaxed crypto laws, I do have to wonder why Linux is such a popular topic in this article:

"...in a possible move acknowledging the growing importance of Linux, a top export official said Tuesday."

How does this acknowledge Linux? Is this just an attempt for the government to sound clued? Of course we know the government is clued; our vice president invented the Internet!
--
Daniel Baker - dbaker@cuckoo.com - dbaker@distributed.net

Keyword is *may* change...

[proberts]

Basicly the USG is arguing in Bernstein's case that because there's an off chance they'll modify the export regulations, the case should be delayed. He's pointed out that they've said this before (when the export regs. moved to commerce), and it didn't happen.

What really needs to happen is that the full court needs to uphold the decision that software source code is covered by 1st ammendment protection. Then no matter what, it can't be legislated against. That's much more important than the government simply changing its export stance temporarily.

Paul

Re:Not moot by a long shot

[xnixnix]

Both of these issues ultimately hinge on whether source code is speech. And we already have one court saying it is
and another saying that it isn't.
Correct me if I am wrong, but I have a feeling that the abstraction can be taken higher: Is information or the medium that carries it or services acompanying (?spelling?) that information
the part of a sale that is actually sold? Or in other words: Can the laws of possesion (pertaining to tools or weapons or such), covering their use and distribution, be applied to the information that these objects inherently carry?

Re:Some questions

[sumner]

2. Are there any import restrictions for strong crypto?

Not in the US. There are international versions of some packages (SSLeay/OpenSSL, pgp, ssh) that are somewhat faster or more featureful because of RSA patent restrictions, but that's a different issue. Some other countries restrict the import or even use of crypto; Russia and France were the paradigmatic examples, but the situation in France has been improving of late.

I believe the RSA patent expires the 20th of September, 2000. Less than a year away...

Sumner

Interesting for Linux

[jflynn]

Well, I don't know if we'll get relaxed regulations out of this, but the very fact that a U.S. president acknowledged Linux, and considers it important, is major progress for acceptance of the OS and OSS. Maybe he just realized that throwing over 10M voters away wasn't smart :), but it means the same anyway - Linux is on the radar screen in mainstream America, and considered either a political or economic force by politicians.

OSS sheds light on the encryption debate in a useful way. Clearly the development model itself requires the ability to publish sources, and any OS that wants to be used widely must support encryption. Very dangerous for a government to try to shutdown or harass a volunteer movement, the press can have too much fun portraying Big Government vs. Altruistic Volunteers. This plays even better than Big Government vs Evil Microsoft I suspect.