Important note!

The Bureau of Export Controls has liberalized their export rules for open source software. My reading of their notice is that if I send them an e-mail notification, I can release the stuff I had formerly locked away for US Citizens only. I have sent them that e-mail, so everyone can now feel free to visit the software section without filling in any form or anything.

Those who have filled out the form in the past can rest assured that I have already destroyed all data ever recorded by the form.

Encryption

The routine use of strong encryption by individuals is an important safeguard both of privacy on the Internet in general and of personal liberty in particular.

The appologists for Big Brother say that it is important to control exports of encryption products to keep them out of the hands of rogue nations and terrorists.

Benjamin Franklin once said that, "He who would give up some freedom for a little temporary safety deserve neither." Of course, he is right, but even taking that maxim to heart is to overpower the case against encryption export laws -- the genie is already out of the bottle. Any rogue state or enemy or terrorist agent can simply download military-grade encryption from Finland, Australia, or any other of a hundred different nations that don't have any restrictions at all.

Indeed, saying that such nasty people will be detered by such laws gives the uneducated a false sense of security, as it implies that such tools will not be available.

It's spinach. To hell with them. They can have my private key when they pry it from my cold, dead fingers!

I routinely use and advocate a wide variety of encryption products to keep my internet travels secure. I read my mail from an SSL IMAP server using stunnel, I log in over the net with ssh, I use Netscape's S/MIME mail encryption as well as PGP. It is my goal to encrypt as much of my Internet traffic as is possible. Partly to insure my own privacy, but also the more people who use encryption routinely, the less it pays for certain governmental bodies to kiboze the net looking for encrypted traffic upon which to concentrate.

Of course I have a PGP key. In addition, I am a participant and notary in the Thawte Web of Trust, which works to proliferate trusted identification for S/MIME public key certificates.

I would like to share what I know about practical uses of encryption. I do not really know how hashes and ciphers do what they do, but I understand pretty well how to employ them properly. Fortunately, US law now allow me to share my knowledge (what little there is. :-) ).

In the software section, you will find:

An SSL add-on for pine version 4
My own "webcrypt" PHP3 library for encrypting and decrypting secure messages/cookies

Using OpenSSL as an S/MIME encoder/decoder
My PGP public key block
The Thawte Web of Trust
My WoT notarization policies
Electronic Frontier Foundation
International PGP page
The International Cryptography Page
Netscape's statement on U.S. export restrictions on cryptography
The SRA authenticated / DES encrypted telnet suite is available for ftp here (you'll want to get the libdes, gmp and tucif-sra tars).

Back to Nick's home page