(This was for anonymous electronic cash, in a better system than bitcoin, invented in the 1980s; there were also RSA patent and Chaum patent considerations at the time, which were also not valid outside the US, and ML/etc. reasons why non-US providers were more likely to adopt it. We ended up getting fucked when a different political party got elected on the island and residence visas were pulled (we'd supported the other one), and then the e-gold federal indictment/prosecution/etc. (they were an investor). Also, living on a Caribbean island is not actually as much fun as you'd think.)
Is it the boredom and bureaucracy? Or something else?
The Internet was maybe 200-300Kbps tops, and kind of unreliable, and sucked a lot since I'd just been at MIT with a "huge" 3x45Mbps connection, working at Media Lab with the SGI Onyxes for anyone, etc.
Please, please write more about this!
Being decentralized is a huge advantage for Bitcoin in a lot of scenarios, but where being decentralized doesn't help, Bitcoin has a lot of baggage, is slow, inefficient, not inherently cryptographically secure (i.e. the safety comes from size of network, not for the first participant based on the strength of a public key algorithm). So, IMO, in the ideal world we'll have both something like Bitcoin for when decentralized single currencies are needed, and a bunch of centralized currencies for other purposes.
The closest thing active right now is Chris Odom ("Fellow Traveller")'s Open Transactions (http://opentransactions.org/wiki/index.php?title=Main_Page)
I think they have a commercial company in this area: http://monetas.net/ but I know basically nothing about it.
Anyone else here who was at HIP97?
Was this all just so that there was a plausible legal explanation for the code's existence outside the US, even though the means to make it happen otherwise were already obvious and undetectable?
The source code itself got posted anonymously before this point (I believe on cypherpunks@toad.com list), but officially exporting it like this was still helpful.
The goals were: staying out of jail but ALSO potentially making money through commercial versions, support, etc. There have been at least 3 incarnations of PGP as a commercial company.
... i.e. Web prehistory. It's not surprising a lot of it is gone after 19 years.
https://ftp-master.debian.org/crypto-in-main/ (with pictures of course)
The absurdity reached its peak when some bright spark wrote a three-line implementation of the RSA algorithm as a perl script (intended to be used as an email signature) and submitted it to the appropriate US government department for classification under the export controls, who promptly declared that anyone who wanted to export it needed to obtain a licence.
So, people started putting it on t-shirts ("This t-shirt is a munition!"), getting it tattooed on themselves ("I am a munition!"), etc.
Of course, this was all beside the point because the source code for all this stuff was widely available on the Internet.
The net effect of the export restrictions was that companies like Netscape and Microsoft had to create "export" versions of their browsers that were limited to a maximum key size of 56 bits. In '98 (I think), the US authorities relented somewhat, by allowing a scheme whereby financial institutions could get a special "Global ID" SSL certificate from Verisign that allowed the web server to persuade export browsers to "step up" their encryption to 128 bits.
Even after the US government relaxed the restrictions (in early January 2000), it took a long time for people to upgrade their browsers. I went to work at Deutsche Bank in the summer of 2000, where I was responsible for setting up the web servers for online trading systems and I can remember having to carefully craft the SSLCipherSuite section of httpd.confs to force export browsers to step up to a key length and encryption algorithm that satisfied the regulatory requirements for protecting trading systems.
It wasn't just the US who had controls on crypto either. I can remember learning far more than I ever wanted to know about the Wassenaar Agreement and the UK's Open General Export Licence because somebody wanted to give Identrus smartcards to clients who were located elsewhere in Europe.
And then, of course, the UK introduced RIPA, which allows the police to demand that anyone who has access to an encryption key turn it over. If you refuse, you can be sent to prison.
For an up-to-date reference see http://www.cryptolaw.org/cls-sum.htm
This would have been late 1992 or early 1993.
[1] https://www.federalregister.gov/articles/2010/06/25/2010-150...
