Re: Almost-Everywhere Superiority for Quantum Computing

[Bill Stewart]

Russell Nelson [EMAIL PROTECTED] wrote:
 If quantum computers make brute-force cryptanalysis tasks easier, 
 don't they also make brute-force cryptographic tasks easier as well?  

At 01:12 AM 10/18/1999 -0400, Vin McLellan wrote:
The problem to worry about, of course, is that maybe not everyone is
going to have access to the same oracle.  

Consider what was involved when the NIST lab at Boulder created a
qubit a couple of years ago.  As I recall, to get their qubit they had to
trap a single atom with missing electrons (an ion) and two energy levels by
nailing it down with an array magnetic and electric fields at minus 273
degrees C.

For instance, will it fit in your palmtop or smartcard?  Probably not.

It's not clear that, in practice, it will be possible to get
high enough resolution out of quantum computers to affect crypto -
a resolution of 20 bits is enough to annoy smartcards by forcing 
the encryptor to use more key bits, but doesn't bother other computers.
A resolution of h-bar is ~10**47 or 150 bits, but by the time we get
that much resolution, it probably won't bother palmtops much,
except maybe for RSA key generation.   Quantum devices with 
resolutions like that probably aren't small or portable 

However, if you can get much bigger resolution improvements
out of quantum devices without some way to use 
lower-resolution devices in parallel while still collapsing
one big waveform in some kind of Quantum Black Magic.
Hard to say if that will be portable or not, or affordable
except by large organizations (particularly, even with Moore's Law
constantly making things cheaper, will the cost be
some large multiple of the cost of small portables,
Pocket Area Networks, Pencil Area Networks, RF grocery tags, 
you-are-here broadcasters on store shelves or license plates, etc.
Thanks! 
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639

Digital Contracts: Lie in X.509, Go to Jail

[Robert Hettinga]

-BEGIN PGP SIGNED MESSAGE-

Aside from noting the vicious hypocrisy of the Clinton administration
saying they support the 11th Ammendment, I've also decided that the bill
mentioned in the New York Times Story excerpted below, like most current
state digital signature legislation, could more properly be called the
"Lie on an X.509 'Certificate' and Go to Jail Act of 1999".

"Crypto in a crime", indeed.


The solution to this madness, is, of course, bearer credentials, as
Stephan Brands points out in his recently published doctoral dissertation
"Rethinking Public Key Infrastructures and Digital Certificates --
Building in Privacy", now published by Ponsen and Looijen in the
Netherlands, ISBN 90-901-3059-4.

The resulting book is in very well-written English, it's about 300 pages,
and, in it, Brands, the best of his generation of financial
cryptographers, completely demolishes, all the way down to the level of
cryptographic protocol, most of the received wisdom about "certification"
- -- and the current cult-like mystification of identity which underlies
it.

Even better, Stefan unveils a whole class of bearer-credential
cryptographic protocols which get the job done with infinitely more
privacy. More important, I'm personally convinced that Brands' bearer
credentials are significantly lower in cost than current book-entry
methods of "certification", especially after the costs of repudiation and
enforcement are taken into account.

However, given my current business, my biases on this subject are rather
plain here, so don't take my word for it: get the book and see for
yourself.

Stefan's thesis committee was Ron Rivest, Adi Shamir (yes, the R and S in
RSA), and Claus Schnorr (yes, *that* Claus Schnorr). Three men who could
be easily said to be the fathers of digital "certification", if its
patrimony was ever in dispute.


I would highly recommend that *everyone* who's serious in the study of
digital commerce -- and I mean legal professionals in particular -- order
this book immediately and go read it.

It goes without saying that anyone who calls himself a financial
cryptographer, much less a cryptographic or digital commerce software
engineer, should have this book in his library as well.


Cheers,
RAH


- --- begin forwarded text


Date: Tue, 19 Oct 1999 08:20:23 +0200 (CEST)
From: Anonymous [EMAIL PROTECTED]
Comments: This message did not originate from the Sender address above.
It was remailed automatically by anonymizing remailer software.
Please report problems or inappropriate use to the
remailer administrator at [EMAIL PROTECTED].
Old-Subject: NYT Story: Digital Contracts
To: [EMAIL PROTECTED]
Subject:  NYT Story: Digital Contracts
Sender: [EMAIL PROTECTED]
Reply-To: Anonymous [EMAIL PROTECTED]

Fight Over Electronic Contracts Heads to House

Also: U.S. Shut Out in First Round of Internet Board Elections

ASHINGTON -- With the clock ticking toward adjournment for the year,
Congressional leaders and the Clinton Administration are working to
eliminate political infighting and pass legislation that would give
electronic contracts the same legal weight as their traditional paper
counterparts.


The legislation is considered crucial for the future of electronic
commerce, and it is part of an effort by the Commerce Department both
domestically and internationally to make the standards for such
contracts, with their "digital signatures," as simple as possible.


But Republicans and Democrats in the House are still battling over how
far the legislation should go, a fight that could play out on the House
floor this week.


The House is scheduled to take up digital signature legislation as early
as Tuesday, but first leaders must decide how to proceed. At issue are
states rights, and whether individual states should have the power to
make their own rules for recognizing digital signatures.


The White House and most Democrats are pushing for a bill that would make
digital signatures legal only in those states that don't already have
laws recognizing the validity of electronic contracts.


But Republican leaders in the House have been pushing for more sweeping
legislation that would not only pre-empt state digital signature laws but
would also eliminate some of the paper-record keeping and notification
requirements that some states impose on financial institutions and
insurance companies.


The House Judiciary Committee last week narrowly approved a version of
the bill backed by Democrats that would recognize current state laws on
both electronic signatures and record-keeping. The bill is similar to a
White House-endorsed Senate proposal by Senator Spencer Abraham, a
Michigan Republican, that is awaiting passage in that chamber.




The House Commerce Committee, meanwhile, in August approved a bill by
Chairman Thomas J. Bliley Jr., a Virginia Republican, that would
establish a uniform national standard for authenticating electronic
signatures, and require that states pass laws 

Re: Digital Contracts: Lie in X.509, Go to Jail

[Steven M. Bellovin]

In message v0421012db4321dc2f55c@[204.167.101.62], Robert Hettinga writes:

 
 
 The solution to this madness, is, of course, bearer credentials, as
 Stephan Brands points out in his recently published doctoral dissertation
 "Rethinking Public Key Infrastructures and Digital Certificates --
 Building in Privacy", now published by Ponsen and Looijen in the
 Netherlands, ISBN 90-901-3059-4.

Do you know where to order this?  None of the amazon.com sites has it, nor doe
s barnesandnoble.com.

--Steve Bellovin

Re: Digital Contracts: Lie in X.509, Go to Jail

[Robert Hettinga]

Evidently, there are only 500 in the first printing, but I bet Stefan 
didn't give them *all* away. :-).

I bet that if you put in a special order to Amazon with the ISBN and 
the publisher in it, they'll manage to sell one to you on order. Upon 
receiving a bunch of orders for the book from some place like Amazon, 
if and when the publisher sells out, they'll probably print some 
more, or at least make a deal to print it on this side of the pond.

Cheers,
RAH


At 11:56 AM -0400 on 10/19/99, Steven M. Bellovin wrote:


 In message v0421012db4321dc2f55c@[204.167.101.62], Robert Hettinga writes:



 The solution to this madness, is, of course, bearer credentials, as
 Stephan Brands points out in his recently published doctoral dissertation
 "Rethinking Public Key Infrastructures and Digital Certificates --
 Building in Privacy", now published by Ponsen and Looijen in the
 Netherlands, ISBN 90-901-3059-4.

 Do you know where to order this?  None of the amazon.com sites has 
it, nor doe
 s barnesandnoble.com.

   --Steve Bellovin

-
Robert A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Privacy Snatchers

[Declan McCullagh]

Here's something I wrote two years ago that may be timely when evaluating
whether or not to trust the government. At least, that is, when police say
they'll not abuse wiretaps and backdoors inserted into Internet protocols.

-Declan



http://www.pathfinder.com/time/digital/daily/0,2822,12609,00.html

The Privacy Snatchers
By Declan McCullagh

History reveals that time and again, the FBI,
the military and other law enforcement
organizations have ignored the law and spied on
Americans illegally, without court authorization.
Government agencies have subjected hundreds of
thousands of law-abiding Americans to unjust
surveillance, illegal wiretaps and warrantless
searches. Eleanor Roosevelt, Martin Luther King
Jr., feminists, gay rights leaders and Catholic
priests were spied on. The FBI used secret files
and hidden microphones to blackmail the
Kennedy brothers, sway the Supreme Court and
influence presidential elections. 

In these cases, police violated the law by
eavesdropping without a judge's approval, which
the Constitution requires. Now the FBI wants to
require Americans to use only computers and
telephones with a secret backdoor. Such easy
access is the fantasy of every unethical policeman
and corrupt bureaucrat. Of course, they pledge
never to use it without court authorization. Can we
trust them? 

Martin Luther King 

The FBI's campaign to destroy Dr. Martin Luther
King began in December 1963, soon after the
famous civil rights March on Washington. It
started with an extensive -- and illegal -- electronic
surveillance of King that probed into every corner
of his personal life. 

Two weeks after the march, the same week King
appeared on the cover of Time magazine as "Man
of the Year," FBI agents inserted a microphone in
King's bedroom. ("They had to dig deep in the
garbage to come up with that one," FBI director J.
Edgar Hoover said of the Time cover story.) Hoover
wiretapped King's phone and fed the information to
the Defense Department and to friendly
newspapermen. 

When King travelled to Europe to receive the
Nobel Peace Prize, Hoover tried to derail meetings
between King and foreign officials, including the
Pope. Hoover even sent King an anonymous
letter, using information gathered through illegal
surveillance, to encourage the depressed civil
rights leader to commit suicide. 

"The actions taken against Dr. King are
indefensible. They represent a sad episode in the
dark history of covert actions directed against
law-abiding citizens by a law enforcement
agency," a Senate committee concluded in 1976. 

Hoover's legacy? The FBI headquarters proudly
bears his name today. 

Mail Monitoring 

Opening mail may be an imprecise form of
surveillance, but that didn't stop the FBI and CIA
from surreptitiously reading hundreds of thousands
of letters from 1940 to 1973. Government
employees (who took special classes to learn this
skill) would stealthily open the envelope and
photograph whatever was inside. 

The CIA did it randomly. One agent testified before
Congress, "You never know what you would hit."
Included in the agency's dragnet were three U.S.
senators, a congressman, a presidential
candidate and many business and civil rights
leaders. 

Under federal law, opening mail not addressed to
you results in fines of up to $2,000 and five years
in jail. But not one agent appears to have been
prosecuted. 

Eleanor Roosevelt 

Even the personal life of the First Lady of the
United States is fair game to the eavesdrop
  

Is there an anonymous contribution protocol?

[Reusch]

A couple of months ago, someone (unfortunately, I don’t recall the name or date)  
wrote to the New York Times, suggesting that all political contributions be made 
anonymously.  

Given the continuous contention that the issue of  political contributions causes 
in the US, I was intrigued by the idea and have thought about it, off-and-on, 
since even though connected people snort derisively at the idea and I assume it 
has the political viability of the Caesar cipher at the NSA.  Nevertheless, I 
wonder whether a suitable protocol has already been invented.

Typically, a contributor would like to be able to confirm his donative status with 
a political party or candidate, as would the party or candidate for, their targeted 
mailings and such. Thus, any anonymous political contribution protocol would involve 
proofs of membership and share much with secure election protocols. However, these 
are not sufficient.

It should be difficult for the recipient to discover the amount of the claimed 
contribution. The contributor might say to the recipient, I will contribute 
$100,000 to your campaign at exactly 2:03 PM USA PST.  While a third party, 
that anonymizes the transfer of funds, would be involved, immediate tracking 
of the balance could reveal the identity of the contributor.  Limited reporting 
of the current balance or, using MixMaster-like techniques to obfuscate 
fund transfers, may do for high traffic ($$$) recipients.

Further, it ought to be be difficult for a contributor to collect proofs of 
contribution 
from other people that he has illicitly funded in the classical "Gore-Buddhist-Temple" 
attack (http://www.realchange.org/gore.htm#buddhist) to later present to the 
recipient. 
This seems hard and may justify a very low minimum contribution.

While, "I am not a lawyer", I am certain that there are labyrinthian free speech 
issues 
involved in mandated anonymous political contributions. While the fact that we voted 
is 
recorded in the US, the side that we voted for is concealed  (I hope so, having made 
no 
detailed examination of the internals of voting machines. Such is Trust.). Even though 
anonymous voluntary free speech is protected here, it is a thick slice between 
"I contributed" and  "I contributed $100,000. Here is my receipt! Get the bedroom 
ready."


Michael

Bernstein Delay Motion

[John Young]

Thanks to Cindy Cohn we offer the USG's motion yesterday
to delay en banc reargument in Bernstein:

   http://cryptome.org/bernstein-mot.htm

A quote:

"The revisions being implemented by the Department of 
Commerce entail extensive changes in the existing terms 
of the encryption export regulations. At this time, the details 
of the revised regulations are under review. One of the 
subjects currently under review in connection with the policy 
update is the regulatory treatment of encryption source code. 
It is possible that the revised regulations will not materially 
change the treatment of source code. But it is also possible 
that the revised regulations will alter the treatment of source 
code in ways that could have a bearing on the constitutional 
issues before this Court.(1) 

(1) In connection with the announcement of the Administration's 
encryption policy update on September 16, the Department 
of Commerce issued a "question and answer" document
regarding the update that indicated, inter alia, that existing 
controls on the export of encryption source code would not
be changed. That document does not reflect the review that 
is currently taking place."

End quote.

Re: BXA

[Greg Broiles]

On Wed, Sep 29, 1999 at 07:41:34PM -0700, I wrote:
 At 04:49 AM 9/29/99 , Donald Ramsbottom wrote:
 What really intrigues me is the end of your post  relating to the
 distinction between object code and source code. So if I understand you
 correctly, you will still require the old style regime and restrictions on
 source code. If so does that not mean that there is effectively no
 liberalisation?
 
 [...]
 Specifically of interest are general question #18, which indicates that 
 technical assistance, APIs, and source code will continue to be controlled 
 under the old regime; technical question #7, illustrating a new detailed 
 approach to API regulation; and technical question #8, reiterating that 
 only object code will be subject to the new policies.

It appears that this may no longer be correct. John Young has made
available on his website a document
http://cryptome.org/bernstein-mot.htm filed by the US Government with
respect to the en banc rehearing of the Ninth Circuit's decision in the
_Bernstein_ case. In short, the US Government is asking the court to
postpone oral argument in the case until the US Government has revealed
the new regulations, promised for release on December 15 1999.

As the filing states -

"It is possible that the revised regulations will not materially change
the treatment of source code. But it is also possible that the revised
regulations will alter the treatment of source code in ways that could
have a bearing on the constitutional issues before this Court.[1]"

where footnote 1 says that the BXA's question and answer document "does
not reflect the review that is taking place."

Thus, reliance on that document may no longer be appropriate. BXA's
website does not reflect that change in status. 

--
Greg Broiles
[EMAIL PROTECTED]

Re: BXA (fwd)

[Jim Choate]

- Forwarded message from Greg Broiles -

Date: Tue, 19 Oct 1999 15:13:53 -0700
From: Greg Broiles [EMAIL PROTECTED]
Subject: Re: BXA

It appears that this may no longer be correct. John Young has made
available on his website a document
http://cryptome.org/bernstein-mot.htm filed by the US Government with
respect to the en banc rehearing of the Ninth Circuit's decision in the
_Bernstein_ case. In short, the US Government is asking the court to
postpone oral argument in the case until the US Government has revealed
the new regulations, promised for release on December 15 1999.

- End of forwarded message from Greg Broiles -

Which shouldn't be relevant since his rights were impacted under the *old*
law. Even if the new regulations do permit unlimited export of crypto then
he'd still have a reason to push the case.


 
   The best lack all conviction, while the worst are full
   of passionate intensity.

   W.B. Yeats

   The Armadillo Group   ,::;::-.  James Choate
   Austin, Tx   /:'/ ``::/|/  [EMAIL PROTECTED]
   www.ssz.com.',  `/( e\  512-451-7087
   -~~mm-'`-```-mm --'-

Re: Is there an anonymous contribution protocol?

[Robert Hettinga]

At 3:48 PM -0400 on 10/19/99, Reusch wrote:


 "I contributed $100,000. Here is my receipt! Get the bedroom ready."

Right.

See http://www.xs4all.nl/~brands/order.txt

There's an echo in the room, isn't there?

:-).

Cheers,
RAH
-
Robert A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Is there an anonymous contribution protocol?

[Anonymous]

Michael Reusch, [EMAIL PROTECTED], writes:

 A couple of months ago, someone (unfortunately, I don't recall the name
 or date) wrote to the New York Times, suggesting that all political
 contributions be made anonymously.

 Given the continuous contention that the issue of  political contributions
 causes in the US, I was intrigued by the idea and have thought about it,
 off-and-on, since even though connected people snort derisively at the
 idea and I assume it has the political viability of the Caesar cipher at
 the NSA.  Nevertheless, I wonder whether a suitable protocol has already
 been invented.

One way to approach protocol design for such problems is to first specify
how the system would be done if there were a trusted third party (TTP).
The TTP is perfectly trustworthy, honest, and reliable.  Define the
behavior he would have which would solve your problem, then look for
a crypto protocol which accomplishes the same thing.  Generally, any
TTP protocol can be turned into a crypto protocol by straightforward
techniques, but the resulting crypto protocols will generally not be
efficient.  You can then look for shortcuts or approximations to produce
efficient crypto protocols to accomplish the same thing.

Maybe you could try to clarify how the TTP would behave in order to
accomplish what you desire with regard to anonymous contributions.  What
information would the TTP have?  What kinds of interactions would it
have to have with the participants?  Expressing this in detail would be
a good first step in looking to see whether a crypto protocol could be
designed to do the same thing.

Re: Digital Contracts: Lie in X.509, Go to Jail

[Julian Assange]

Robert Hettinga [EMAIL PROTECTED] writes:

 Evidently, there are only 500 in the first printing, but I bet Stefan 
 didn't give them *all* away. :-).
 
 I bet that if you put in a special order to Amazon with the ISBN and 
 the publisher in it, they'll manage to sell one to you on order. Upon 
 receiving a bunch of orders for the book from some place like Amazon, 
 if and when the publisher sells out, they'll probably print some 
 more, or at least make a deal to print it on this side of the pond.
 
 Cheers,
 RAH

Amazon only sells books distributed in the United States.

Cheers,
Julian.

Re: BXA

[Vin McLellan]

Unless, of course, this quiet announcement (in the Bernstein court
papers filed by the US Govt) that the source code issue is currently being
reviewed within the Executive Branch -- despite White House assurances to
the contrary to leading Congressional figures  -- was a purposely misleading
representation,  intended only to further stall and delay the Berstein
hearing before the full appelate court.

Of course, it is probably just because I'm a cynical Child of the
SiXties that I view the DoJ posture with a skeptical and jaundiced eye.  sigh

Suerte,

_Vin

At 03:13 PM 10/19/99 -0700, Greg Broiles wrote:
On Wed, Sep 29, 1999 at 07:41:34PM -0700, I wrote:
 At 04:49 AM 9/29/99 , Donald Ramsbottom wrote:
 What really intrigues me is the end of your post  relating to the
 distinction between object code and source code. So if I understand you
 correctly, you will still require the old style regime and restrictions on
 source code. If so does that not mean that there is effectively no
 liberalisation?
 
 [...]
 Specifically of interest are general question #18, which indicates that 
 technical assistance, APIs, and source code will continue to be controlled 
 under the old regime; technical question #7, illustrating a new detailed 
 approach to API regulation; and technical question #8, reiterating that 
 only object code will be subject to the new policies.

It appears that this may no longer be correct. John Young has made
available on his website a document
http://cryptome.org/bernstein-mot.htm filed by the US Government with
respect to the en banc rehearing of the Ninth Circuit's decision in the
_Bernstein_ case. In short, the US Government is asking the court to
postpone oral argument in the case until the US Government has revealed
the new regulations, promised for release on December 15 1999.

As the filing states -

"It is possible that the revised regulations will not materially change
the treatment of source code. But it is also possible that the revised
regulations will alter the treatment of source code in ways that could
have a bearing on the constitutional issues before this Court.[1]"

where footnote 1 says that the BXA's question and answer document "does
not reflect the review that is taking place."

Thus, reliance on that document may no longer be appropriate. BXA's
website does not reflect that change in status. 

--
Greg Broiles
[EMAIL PROTECTED]

Re: Digital Contracts: Lie in X.509, Go to Jail

[Dan Geer]

 For details of how to order, see www.xs4all.nl/~brands/order.txt

What is it about wanting to change the instantaneous  electronic world
that generates this sort of time  paper hazing ritual?

Yours in irreverent confusion,

Lightning Rod

Re: Digital Contracts: Lie in X.509, Go to Jail

[Arnold Reinhold]

At 9:20 AM +1000 10/20/99, Julian Assange wrote:
Robert Hettinga [EMAIL PROTECTED] writes:

  Evidently, there are only 500 in the first printing, but I bet Stefan
  didn't give them *all* away. :-).
 
  I bet that if you put in a special order to Amazon with the ISBN and
  the publisher in it, they'll manage to sell one to you on order. Upon
  receiving a bunch of orders for the book from some place like Amazon,
  if and when the publisher sells out, they'll probably print some
  more, or at least make a deal to print it on this side of the pond.
 
  Cheers,
  RAH

Amazon only sells books distributed in the United States.


That's not quite true, as the US publishers of Harry Potter found 
out. You can easily order from England http://amazon.co.uk and 
Germany http://amazon.de  Unfortunately, neither list 'Rethinking 
Public Key Infrastructures..."

Ponsen and Looijen have a web site http://www.p-l.nl/  That's as far as I got.


Arnold Reinhold

Re: Digital Contracts: Lie in X.509, Go to Jail

[Richard Lethin]

$94 for the $50 book from the US, ($19 shipping and bank costs on the
publisher's side, $25 for an "international money order").

Robert Hettinga wrote:

 At 2:27 PM -0400 on 10/19/99, Somebody, at the head end of a long
 line of other Sombodies, wrote:

  Where can I get this book by Brands?

 To which, at 8:16 PM +0200 10/19/99, Stefan Brands wrote:

  For details of how to order, see www.xs4all.nl/~brands/order.txt

 :-).

 Cheers,
 RAH
 -
 Robert A. Hettinga mailto: [EMAIL PROTECTED]
 The Internet Bearer Underwriting Corporation http://www.ibuc.com/
 44 Farquhar Street, Boston, MA 02131 USA
 "... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: BXA v. Bernstein

[John Gilmore]

 _Bernstein_ case. In short, the US Government is asking the court to
 postpone oral argument in the case until the US Government has revealed
 the new regulations, promised for release on December 15 1999.
 
 Which shouldn't be relevant since his rights were impacted under the *old*
 law. Even if the new regulations do permit unlimited export of crypto then
 he'd still have a reason to push the case.

Since Bernstein is primarily asking that the law  regs be changed
(struck down as unconstitutional), if the government changes them
itself to be constitutional, then a large part of the case would be
won.

However, the chance of that is vanishingly slim.  First, a big problem
is in the statute, which BXA can't change, only Congress  the Pres
can.  It eliminates judicial review of BXA decisions, yet all
permanent free-expression suppression decisions MUST be made by a
court.  Second, a fundamental constitutional problem with the export
controls is that they require that you ask the government for a
license *before* you publish something, rather than merely trying to
punish you later if you err.  (A "prior restraint").  The so-called
liberalization we're promised did not alter this scheme; they want you
to go through a "one-time review" before they'll issue you a license
to publish your software.  Tinkering with the source code and
technical assistance rules will not change this.  It would be a
fundamental restructuring, eliminating all that lovely administrative
discretion so near and dear to NSA's heart.  The discretion to deny
licenses arbitrarily (or extend your "one-time review" into taking
infinite time), in unpublished decisions, means that the regs don't
actually have to say what the rules are; they can make them up as they
go along.  This is why we seek to end this discretion (and why courts
back us up, in cases involving free expression).

I encourage everyone to jump up and down and tell BXA to reform all
the unconstitutional parts while they're messing around in there.  Who
knows, it might work.  But I don't see their motion to put off the
appeal hearing as anything more than their usual delaying-the-
inevitable tactic.  You can call me a cynic; I think of it as years of
experience at NSA-watching.  Sure, they'll revise the regs by Dec 15,
change the source code rules, even make them constitutional.  And pigs
will learn to sing.  We'd better wait til next year just to be sure, eh?

The government is always free to revise the regulations at any time.
It has known in gory detail what constitutional problems exist, since
1984 (http://www.eff.org/bernstein/Legal/950922_tien.exhibits/).
It is always free to consider making them constitutional.  But it has
never yet done so.

John

Re: Bernstein Delay Motion

[Marc Horowitz]

John Young [EMAIL PROTECTED] writes:

 It is possible that the revised regulations will not materially 
 change the treatment of source code. But it is also possible 
 that the revised regulations will alter the treatment of source 
 code in ways that could have a bearing on the constitutional 
 issues before this Court.(1) 

Someone quote this next to "doublespeak" in the dictionary.

On a more serious note, when Patel issued Bernstein III, I seem to
recall a quote where she admonished the government for changing the
regulations out from under her while she was working on a decision.
Unfortunately, I can't find this quote.  Does someone else recall
this, and have a pointer?

If I'm remembering this right, and if the en banc review remands
(again), I can see her not looking positively on another request for a
stay.

Marc

Re: size of linear function space

[Ben Laurie]

[EMAIL PROTECTED] wrote:
 
 Consider functions of one variable whose domain and range are both
 {0,1,2,...,n-1}.  There are n^n possible functions.

n!, I'd say, since the range of any function that isn't one-to-one is
_not_ {0..n-1}. Did you mean that the range was a subset of {0..n-1}? Or
perhaps (equivalently) you meant to say "codomain" instead of "range"?

  How many of these
 are linear [i.e. F(a+b) = F(a) + F(b) + c, where c is the same for all
 a,b (if it were different, that would be trivial)]?  For any one
 definition of +, there will be some number;

This strikes me as completely false. Can't be bothered to prove it,
though. Especially since the problem is currently not well-defined :-)

 I'm interested in the sum
 over all definitions of + that satisfy the usual requirements of
 associativity, commutativity, additive identity, etc.

Hmm. This is horribly inexact. Do you mean the usual requirements for a
group? A field? What?

And like anonymous says, if you are going to ask these weird questions
(some of which are quite entertaining), you could at least say why.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
 - Indira Gandhi