[6139] in cryptography@c2.net mail archive
Re: draft regulations?
daemon@ATHENA.MIT.EDU (Donald E. Eastlake 3rd)
Fri Nov 26 13:09:24 1999
Message-Id: <199911260643.BAA01599@torque.pothole.com>
To: minow@pobox.com
Cc: cryptography@c2.net
In-reply-to: Your message of "Wed, 24 Nov 1999 16:10:56 PST."
<383C7E90.3869F0A4@pobox.com>
Date: Fri, 26 Nov 1999 01:43:29 -0500
From: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
Of course not, "click here if you aren't a terrorist" is incorrect.
"click here if you are not a citizen or national of, and this data is
not being downloaded to, Cuba, Iran, Iraq, Libya, ..." quite probably
is adequate. When I designed the initial CyberCash wallet downloading
page, it checked the inverse DNS and dumped you if that said you were
from a trading-prohibited country, and then asked you the
citizenship/nationality question and the download loation question as
yes/no radio buttons. If you answered the questions that you were
from a trading-prohibited country or the wallet was to be downloaded
to a trading-prohibited country, you got a page saying it was not
allowed. This page had a "retry" button on it that took you back to
the questions. This was consider adequate security.
Donald
From: Martin Minow <minow@pobox.com>
Message-ID: <383C7E90.3869F0A4@pobox.com>
Date: Wed, 24 Nov 1999 16:10:56 -0800
Reply-To: minow@pobox.com
To: Russell Nelson <nelson@crynwr.com>
Cc: cryptography@c2.net
References: <19991124211109.3EB275E67@smtpgate.gannett.com> <14396.26852.364756.5962
43@desk.crynwr.com>
>Russell Nelson wrote:
>> ... You also have to (somehow) prevent users from
>> Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria form downloading
>> the code.
>
>Ok. how am I going to do that (rhetorical question)? My Web Server is the
>module distributed with every recent MacOS system (i.e., all those millions
>of iMac's and iBooks). It's a Control Panel (TSR in DOS-speak) called
>"Web Sharing". As far as I know, it has no mechanism for preventing
>certain domains from accessing a local web page. Of course, I could
>put up a link that says "click here if you aren't a terrorist", but
>I rather doubt that this will satisfy the regulations.
>
>Martin Minow
>minow@pobox.com
>
