| 1 |
On 2021-09-26 21:20, Rich Freeman wrote: |
| 2 |
|
| 3 |
> Back in the PGP ITAR days I believe somebody went through some |
| 4 |
> loopholes to publish the software outside the US, |
| 5 |
|
| 6 |
Yes, PGP 2.6 source code got published as an OCR-friendly book |
| 7 |
(https://dl.acm.org/doi/book/10.5555/207390) which was then legally |
| 8 |
taken from the US abroad. |
| 9 |
|
| 10 |
> and it is probably debatable whether that was legal under US law, |
| 11 |
|
| 12 |
I am no expert on US law but from what I have read (in many different |
| 13 |
sources, with me having begun using PGP in either late 1996 or early |
| 14 |
1997 i.e. when it was still very much subject to US export restrictions) |
| 15 |
about this case, both the publishing of the source-code book and it |
| 16 |
having subsequently been taken out of the country has been legal - the |
| 17 |
former due to publishing the first amendment and the second due to the |
| 18 |
scope of ITAR as far as crypto software was concerned. |
| 19 |
|
| 20 |
> but presumably the people who did it didn't care, and enforcement was |
| 21 |
> unlikely at all, and especially unlikely if you didn't have plans to |
| 22 |
> visit the US after bragging about distributing it. |
| 23 |
|
| 24 |
I don't know if Ståle Schumacher (the person who scanned the book and |
| 25 |
subsequently published "international" versions of PGP 2 in Norway) ever |
| 26 |
visited the US afterwards. On the other hand the source-code book |
| 27 |
itself, the purpose of which was rather clear given it even contained |
| 28 |
notes on how to OCR it, was written by a US person (Phil Zimmermann |
| 29 |
himself) and published by a US company (MIT Press) - so I am not quite |
| 30 |
convinced they either thought they would be our of reach of US law |
| 31 |
(indeed, wasn't PRZ still being persecuted by US Customs at the time?), |
| 32 |
or didn't care. |
| 33 |
|
| 34 |
|
| 35 |
Not that any of this changes the point you have tried to make regarding |
| 36 |
due diligence, mind you. |
| 37 |
|
| 38 |
-- |
| 39 |
Marecki |
Archives