[iwar] [fc:Anticircumvention.Rules:.Threat.to.Science]

From: Fred Cohen (fc@all.net)
Date: 2001-09-21 17:55:37


Return-Path: <sentto-279987-2167-1001120138-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 21 Sep 2001 17:57:10 -0700 (PDT)
Received: (qmail 2657 invoked by uid 510); 22 Sep 2001 00:56:02 -0000
Received: from n2.groups.yahoo.com (216.115.96.52) by 204.181.12.215 with SMTP; 22 Sep 2001 00:56:02 -0000
X-eGroups-Return: sentto-279987-2167-1001120138-fc=all.net@returns.onelist.com
Received: from [10.1.1.222] by hi.egroups.com with NNFMP; 22 Sep 2001 00:55:42 -0000
X-Sender: fc@big.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_3_2_2); 22 Sep 2001 00:55:37 -0000
Received: (qmail 91808 invoked from network); 22 Sep 2001 00:55:37 -0000
Received: from unknown (10.1.10.26) by 10.1.1.222 with QMQP; 22 Sep 2001 00:55:37 -0000
Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 22 Sep 2001 00:55:38 -0000
Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id RAA30149 for iwar@onelist.com; Fri, 21 Sep 2001 17:55:38 -0700
Message-Id: <200109220055.RAA30149@big.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 21 Sep 2001 17:55:37 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:Anticircumvention.Rules:.Threat.to.Science]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit

Anticircumvention Rules: Threat to Science

Pamela Samuelson 

Scientists who study encryption or computer security or otherwise reverse
engineer technical measures, who make tools enabling them to do this work,
and who report the results of their research face new risks of legal
liability because of recently adopted rules prohibiting the circumvention of
technical measures and manufacture or distribution of circumvention tools.
Because all data in digital form can be technically protected, the impact of
these rules goes far beyond encryption and computer security research. The
scientific community must recognize the harms these rules pose and provide
guidance about how to improve the anticircumvention rules.

Recent legislation in the United States and Europe whose ostensible purpose
is to protect copyrighted works from pirates is being used to inhibit
science and stifle academic research and scholarly communication. The threat
to science is illustrated by strong-arm efforts of the Recording Industry
Association of America (RIAA) and the Secure Digital Music Initiative (SMDI)
Foundation to use the anticircumvention provisions of the Digital Millennium
Copyright Act (DMCA) to suppress publication of a paper by Edward Felten of
Princeton University's Computer Science Department and several coauthors
(1). Felten's paper described weaknesses in digital watermarking
technologies that RIAA and SMDI hoped to use to protect commercially
distributed digital music (2). RIAA and SDMI asserted that the researchers
could not publicly disclose details of their research without violating the
DMCA (3). Unfortunately, such an assertion must be taken seriously because
all too often in recent years, when courts have perceived a conflict between
intellectual property rights and free speech rights, property has trumped
speech (4). 

Computer security and encryption researchers are far from the only
scientists who have reason to fear the DMCA. Any data in digital form can be
protected by encryption and other technical measures, and those who
distribute digital data in this manner can use the DMCA to restrict what
scientists or other researchers can do with the data.

The DMCA establishes several new rules to protect copyright owners. First,
the DMCA bans the bypassing of technical measures used by copyright owners
to protect access to their works (5). Second, it outlaws the manufacture or
distribution of technologies primarily designed or produced to circumvent
technical measures used by copyright owners to protect their works (6).
Third, it makes removal or alteration of copyright management information
(CMI) from digital copies of copyrighted works illegal (7). Copyright
industry lobbyists persuaded Congress to adopt these rules to reassure
rights-holders that when they used technology to identify their ownership
rights (e.g., by digital watermarks) or to protect digital copies of their
works (e.g., by encryption), pirates could not simply strip the CMI from
those copies or use countermeasures to undo the encryption to facilitate
copyright infringements (8).

The major recording industry firms who belong to RIAA plan to implant
watermarks in digital recordings not only to identify their ownership rights
but also to ensure that the music can only be played or copied if the
watermarks authorize it (9). For this plan to work, the consumer electronics
industry and makers of music-player software for PCs must build systems
designed to read and conform to these watermarks. SDMI is the multi-industry
consortium formed largely at the instigation of RIAA to develop technical
standards for watermarks and compliant devices and player software. In
September 2000, SDMI announced its selection of certain technologies as
candidate standards and issued a public challenge encouraging skilled
technologists to try to defeat these technical protection measures (10).
SDMI even offered to pay $10,000 per broken watermark to anyone who
demonstrated to SDMI's satisfaction that his or her attack had been
successful. 

Felten and his collaborators decided to accept the challenge, although they
decided against seeking the prize money because SDMI was only willing to
award it to those who agreed not to reveal how they defeated the watermarks
to anyone but SDMI (11). Felten and his collaborators made no secret of the
fact that they were writing a paper on the results of their research about
the SDMI watermarks (12). When an executive from the developer of one of the
candidate watermarks asked to see the paper, Felten sent him a draft. This
executive and RIAA then tried to persuade Felten to omit from the paper
certain details about the weaknesses of the SDMI technologies. Felten and
his coauthors decided that these details were necessary to support their
scientific conclusions. There ensued numerous conversations between
representatives of SDMI and RIAA, on the one hand, and Felten, his
coauthors, members of the conference organizing and program committees, and
lawyers from institutions with which these persons were affiliated, on the
other hand. SDMI and RIAA asserted that any presentation of the paper at a
conference or subsequent publication of the paper in the conference
proceedings would subject these persons and their institutions to liability
under the DMCA and made clear their intent to take action against the
researchers unless they withdrew the paper (13).

Although convinced that they would be vindicated if the matter went to
court, Felten and his coauthors reluctantly withdrew the paper from the
April conference out of concern about the high costs of litigation (14).
This decision was widely reported in the press and has had a chilling effect
on the willingness of cryptographers to publish the results of their
research (15). Since then, the Electronic Frontier Foundation has agreed to
represent Felten and his coauthors in an affirmative challenge to the RIAA
and SDMI claim that seeks a judicial declaration that presenting or
publishing this paper does not violate the DMCA (16).

The idea that Felten's paper violates the DMCA initially seems absurd on its
face. Whatever plausibility it has is due to a broad interpretation given to
the DMCA rules in a trial court decision in Universal City Studios, Inc. v.
Reimerdes in August 2000 (17). Universal sued 2600 Magazine and its
publisher Eric Corley (a.k.a. Emmanuel Goldstein) because 2600 posted a copy
of a computer program, known as DeCSS, as part of its story about a young
Norwegian hacker Jon Johanssen who figured out how to bypass the Content
Scrambling System (CSS) used to protect commercially distributed DVD movies.
Johanssen wrote DeCSS and posted it on the Web so that others could benefit
from what he had learned. Universal convinced the trial judge that DeCSS was
an illegal circumvention technology, the public availability of which
threatened the viability of the motion picture industry (even though
Universal did not produce any evidence that DeCSS had ever actually been
used to make an infringing copy of the plaintiffs' movies; it was enough, in
Universal's view, that the program could be used for this purpose).

After being ordered in January 2000 to take down DeCSS from the 2600 site,
Corley decided to link to sites where DeCSS could be found. In August
2000, the trial judge ruled that linking also violated the DMCA and forbade
posting or linking to source or object code forms of DeCSS. The judge
rejected Corley's First Amendment defense because of the functionality of
DeCSS and the danger that the program posed to Universal's market for
copyrighted movies. Under this judge's reasoning, even an English-language
version of DeCSS might violate the DMCA.

SDMI and RIAA regard Felten's paper as providing a functional recipe for
circumventing the SDMI watermarks that posed dangers to the recording
industry akin to those that DeCSS posed for the motion picture industry.
SDMI and RIAA have not been willing to concede that writing and distributing
a paper describing the results of reverse engineering of a technical
protection measure are different from writing and distributing an executable
program capable of defeating that measure [but for the fact that SDMI issued
a public challenge to the technical community to try to break the technical
protections they had devised, SDMI and RIAA would undoubtedly argue that the
reverse engineering of publicly disseminated watermarking technologies,
whether for academic research or for piratical purposes, violates the DMCA
rule against alteration or removal of copyright management information
(18)]. 

The ruling against Corley is on appeal. One can always hope that the appeals
court will give the DMCA a narrower interpretation than the trial judge did
and that this narrower interpretation will propagate in other cases. In the
meantime, the DMCA is a cloud on the horizon for all computer security and
encryption researchers, whether they operate in an academic or commercial
setting, if their work has any potential application to protecting digital
content.

Although the DMCA rules contain narrow exceptions for computer security and
encryption research, practitioners in these fields take little comfort in
them (19). Several prominent cryptographers submitted an amicus (friend of
the court) brief in the Corley case in which they characterized the
encryption research exception as "so parsimonious as to be of little
practical value" as well as being based on a "fundamentally mistaken
conception of cryptographic science" (20, 21). It applies, for example, only
if the researcher is employed or has been trained as a cryptographer, even
though some brilliant breakthroughs in this field have come from amateurs
(22). The researcher must also seek permission from affected rights-holders
before trying to reverse engineer encryption technology (23). The exception
further requires the researcher to prove that his or her research was
necessary to advance the state of the art when the researcher may just be
trying to understand how a technology works (24). In addition, the exception
may be unavailable if the researcher publishes his or her results on the
Internet because this will make them accessible to potential pirates (25).
But the most fundamental point is that "the science of cryptography depends
on cryptographers' ability to exchange ideas in code, to test and refine
those ideas, and to challenge them with their own code. By communicating
with other researchers and testing one another's work, cryptographers can
improve the technologies they work with, discard those that fail, and gain
confidence in technologies that have withstood repeated testing" (20).
Encryption and computer security cannot get stronger if researchers in these
fields are at risk of liability from the DMCA for merely working in their
chosen field and communicating with one another about it.

The implications of the DMCA for science are not limited to computer
security and encryption researchers. Virtually all computer scientists, as
well as many other scientists with some programming skills, find it
necessary on occasion to reverse engineer computer programs. Sometimes they
have to bypass an authentication procedure or some other technical measure
in order to find out how the program works, how to fix it, or how to adapt
it in some way. The act of bypassing the authentication procedure or other
technical measure, as well as the making of a tool to aid the reverse
engineering process, may violate the DMCA.

Although the DMCA also has an exception for reverse engineering of a program
(26), it too is narrow. It only applies if the sole purpose of the reverse
engineering is to achieve program-to-program interoperability and if reverse
engineering is necessary to do so (27). Trying to fix a bug or understand
the underlying algorithm does not qualify. Information even incidentally
learned in the course of a privileged reverse engineering process cannot be
divulged to any other person except for the sole purposes of enabling
program-to-program interoperability (28). Under a strict interpretation of
the DMCA, a reverse engineer could not, for example, publish lawfully
obtained interface information or details of the program's authentication
technique in an academic or research paper.

Other evidence of the narrowness of the reverse engineering exception can be
seen in the trial judge's response to Corley's interoperability defense
(29). Jon Johanssen testified at Corley's trial that he developed DeCSS to
help the Linux programmers develop a Linux-based DVD player. The judge
rejected this defense for several reasons: First, DeCSS did not have as its
sole purpose the achieving of interoperability because it could also be used
to bypass CSS on a Windows-based system. Second, DeCSS might help achieve
data-to-program interoperability, but the statutory exception only permits
program-to-program interoperability. Third, even if Johanssen had been
eligible for the interoperability privilege, Corley--a mere journalist--was
not because he was not trying to develop an interoperable program.

Of course, any data in digital form--not just sound recordings and motion
pictures--can be protected by technical measures. Those who disseminate
digital data may want to restrict what researchers can do with the data.
Imagine, for example, that a pharmaceutical company produces data to prove
that a new drug is safe but technically protects it so that only certain
tests can be performed on the data, all of which support the safety claim. A
scientist who doubted the safety claim and tried to process the data by
additional tests would violate the DMCA if he or she bypassed the access
control system restricting use of the data (30).

Or imagine that this pharmaceutical firm put the data on an
access-controlled Web site available only to those who agreed to licensing
terms forbidding use or disclosure of the data or test results except as
authorized in the license. A scientist who tried to access the data without
agreeing to the license might also run afoul of the DMCA. Microsoft once
posted a certain technical specification on a Web site, access to which was
designed to be available to researchers only if they clicked "I agree" to a
license that forbade disclosing details of the specification (31). A smart
technologist figured out how to bypass the click-through license and posted
instructions about it on slashdot.org, after which there was a heated debate
about the specification on slashdot. Microsoft learned about the slashdot
postings and demanded that slashdot delete these messages on the theory that
they violated the DMCA's anticircumvention rules. Microsoft is surely not
the only entity in the world that wants to control a wider community's use
of its information and will find the DMCA a useful tool for achieving this
objective.

Advances in technology now permit very fine-grained control over access to
and use of information. This control has been powerfully reinforced by the
DMCA, and it enables firms and individuals to engage in "privication" (i.e.,
"the mass distribution of information to `authorized' users with tight
control over its use") (32, p. 1218). This disturbing practice may well
creep from one subdiscipline of science to another unless the scientific
community recognizes the potential threat that privication and the DMCA pose
for preservation of the norms and practices of science.

The question, then, is whether science can do something about it. I am
optimistic that the scientific community can make a difference because it
has been able to mobilize and make an effective case for policy change when
expansions of intellectual property rights, actual or proposed, were about
to have serious repercussions for science (33). The scientific community has
played an important role in holding back a vast expansion of intellectual
property rights to the contents of databases.

Back in 1996, the European Commission realized that many commercially
valuable databases did not qualify for copyright protection because they
exhibited insufficient creativity in selection and arrangement of data and
that when databases did qualify for protection, the copyright in them did
not protect the data themselves from being reselected and rearranged. So the
Commission proposed a new form of intellectual property protection for the
contents of databases, and in 1996, this new legal regime was mandated in
the European Union. Now any person or firm that expends substantial
resources in compiling data in the European Union has a legal right to
prevent anyone else from extracting or reusing all or a substantial part
(whatever that means) of the contents of the database for 15 years (34).
Additional expenditures in maintaining the database will renew the term of
protection, which arguably gives European data compilers perpetual rights in
the data in their databases (35).

Although scientists in Europe seem not to have been consulted when this law
was wending its way through the European Commission and Parliamentary
approval process, scientists in the United States recognized that such a law
posed serious problems for traditional norms and practices of science (36).
They did not object to giving databases some legal protection but argued
that the European Union database right went too far. So they organized a
successful effort in late 1996 to persuade the Clinton Administration to
back away from support for an international treaty to universalize the
European database rules that a senior U.S. official had previously endorsed
(37). These organizations also helped to persuade the Clinton Administration
to moderate its stance on several digital copyright issues, including
whether fair use would survive in the digital age, scheduled for
consideration at a diplomatic conference in December 1996 (38). Thanks in no
small part to these efforts, the treaty eventually adopted was balanced and
sound. 

Since 1996, the American Association for the Advancement of Science and the
National Academies of Science and Engineering have been among the scientific
organizations that have worked together to oppose European Union-style
database legislation in Congress and in the international arena (39). So far
they have been successful, but database bills will be back, and victory in
future rounds will depend on continued vigilance.

The scientific community has not been as active about the DMCA
anticircumvention rules, perhaps because the threat they posed seemed too
abstract and diffuse. But now that the threat that these overbroad rules
pose for science is more evident and immediate, it may be the right time to
focus on the DMCA. There are at least two ways to do this. One is to submit
amicus briefs in pending cases to urge courts to give narrow interpretations
to these rules to mitigate the harm to science. Another is to make
suggestions to Congress about how the DMCA could be modified to provide a
better balance between protection for copyrighted works and protection for
scientific research and communications.

One thing is certain: Better anticircumvention rules will not come about
just because it is the right thing to do. This will only happen if the
scientific community and others harmed by these overbroad rules are able to
articulate why the DMCA rules are harmful and how legal decision makers can
fix the problems with this legislation.

REFERENCES AND NOTES

1.    See, e.g., C. C. Mann, "Secure-Music Group Threatens Researchers Who
Plan to Publish on Hacking Success," Inside Magazine, 22 April
2001, available at www.inside.com.
2.    The paper was entitled "Reading Between the Lines: Lessons from the
SDMI Challenge" and was scheduled for presentation at the Fourth
International Information Hiding Workshop in Pittsburgh, PA, on 26 April
2001. For further details, see SDMI challenge FAQ at
www.cs.princeton.edu/sip/sdmi/faq.html.
3.    A copy of the RIAA letter to Felten asserting that presentation or
publication of the researchers' paper would violate the DMCA is available at
cryptome.org/sdmi-attack.htm.
4.    See, e.g., M. A. Lemley and E. Volokh, Duke Law J. 48, 147 (1999)
(giving examples).
5.    17 U.S.C. sec. 1201(a)(1)(A). This provision is subject to seven
exceptions, three of which are discussed in this viewpoint. For a critical
commentary on the DMCA anticircumvention regulations, see, e.g., P.
Samuelson, Berkeley Technol. Law J. 14, 519 (1999) .
6.    17 U.S.C. sec. 1201(a)(2), 1201(b)(1). Subsection (a)(2) pertains to
technologies that bypass access controls and (b)(1) to technologies that
bypass other technical measures (e.g., copy controls) used by copyright
owners to protect their works.
7.    17 U.S.C. sec. 1202. Unlike section 1201, this rule has no exceptions
for research or other legitimate purposes.
8.    See WIPO Copyright Treaties Implementation Act and Online Copyright
Liability Limitation Act: Hearings on H.R. 2281 and H.R. 2280 Before the
Subcommittee on the Courts and Intellectual Property of the House Committee
on the Judiciary, 105th Congress (1997) (statements of Jack Valenti, Robert
Holleyman, and Allan R. Adler in support of the anticircumvention rules).
9.    For a concise description of the intended role of watermarks in
protecting digital music in compliant devices, see the SDMI challenge FAQ at
www.cs.princeton.edu/sip/sdmi/faq.html.
10.    See "An Open Letter to the Digital Community" available at
www.sdmi.org/pr/OL_Sept_28_2000.htm.
11.    This is explained in the SDMI challenge FAQ at
www.cs.princeton.edu/sip/sdmi/faq.html.
12.    The facts in this paragraph are set forth in the complaint filed by
the Electronic Frontier Foundation on behalf of Felten and his coauthors
against RIAA and SDMI, which is available at
www.eff.org/Legal/Cases/Felten_v_RIAA/20010606_eff_complaint.html.
13.    Also challenged was a chapter of a Princeton Ph.D. student's
dissertation that discussed the SDMI challenge. This student successfully
defended her dissertation and, in keeping with standard practice in her
field, posted the dissertation on the Internet. Out of an abundance of
caution after withdrawal of the Felten paper (of which she was a coauthor)
from the April conference, she removed the SDMI chapter from the Internet.
14.    Felten's statement when he announced withdrawal of the paper from the
April conference is available at cryptome.org/sdmi-attack.htm.
15.    See, e.g., (1); K. Dawson, "Watermarks...or Freedom?," Industry
Standard, 7 May 2001. One Dutch cryptographer, Niels Ferguson, has explained
the chilling effects that the DMCA has had on his willingness to publish the
results of his research at macfergus.com/niels/dmca/index.html.
16.    The complaint is available at
www.eff.org/Legal/Cases/Felten_v_RIAA/20010606_eff_complaint.html. Felten
finally presented the paper at a USENIX conference on 15 August
2001. However, he and his coauthors continue to be concerned about DMCA
liability for reasons set forth in court papers filed in response to RIAA's
motion to dismiss the Felten lawsuit (also available on the www.eff.org).
These concerns have been amplified by the recent arrest of a Russian
programmer, Dmitri Sklyarov, for criminal violation of the DMCA rules
because he wrote a program capable of bypassing an Adobe e-book program.
17.    Universal City Studios, Inc. v. Reimerdes, 111 F. Supp. 2d
294 (S.D.N.Y. 2000).
18.    The Felton v. RIAA complaint in (12) reflects concerns that the
defendants claim that the researchers violated 1202 as well as 1201.
19.    17 U.S.C. sec. 1201(g), 1201(j). Felten may not be eligible for
either privilege because the SDMI watermarks are not encryption and because
the computer security exception does not apply to 1201(b), but only to
1201(a)(2). Neither privilege applies to 1202 claims.
20.    Brief of Amici Curiae of S. Bellovin, M. Blaze, D. Boneh, D. Del
Torto, I. Goldberg, B. Schneier, F. A. Stevenson, D. Wagner, in Universal
City Studios, Inc. v. Reimerdes, to the Second Circuit Court of Appeals,
26 January 2001, available at
eon.law.harvard.edu/openlaw/DVD/NY/appeal/000126-cryptographers-amicus.html.
21.    Problems with the overly narrow and ambiguous encryption and computer
security exceptions to the DMCA are discussed by the National Research
Council [The Digital Dilemma: Intellectual Property in the Information Age
174-75, Appendix G (National Academy of Sciences Press, Washington, DC,
2000)].
22.    17 U.S.C. sec. 1201(g)(3)(B).
23.    17 U.S.C. sec. 1201(g)(2)(C). The computer security exception
requires that the researcher actually get, and not just ask for, permission
to defeat the technical protection measure. 17 U.S.C. sec. 1201(j)(1).
24.    17 U.S.C. sec. 1201(g)(1), (g)(2)(B).
25.    17 U.S.C. sec. 1201(g)(3)(A). The encryption researcher must also
provide affected copyright owners with the results of his or her research in
a timely manner. 17 U.S.C. sec. 1201(g)(3)(D).
26.    17 U.S.C. sec. 1201(f).
27.    17 U.S.C. sec. 1201(f)(1).
28.    17 U.S.C. sec. 1201(f)(3).
29.    The interoperability defense is discussed in Universal City Studios,
Inc. v. Reimerdes, 82 F. Supp. 211 (S.D.N.Y. 2000) (ruling on the
preliminary injunction motion), 111 F. Supp. 2d 294 (S.D.N.Y. 2000) (ruling
after trial).
30.    See A. W. Appel, E. W. Felten, Comm. ACM 43, 21 (September 2000)
(giving examples of academic research that might be illegal under a strict
interpretation of the DMCA rules).
31.    See J. E. Cohen, "Unfair Use," The New Republic, 23 May
2000 (available at www.tnr.com/online/cohen052300.html).
32.    J. Zittrain, Stanford Law Rev. 52, 1201 (2000) [ISI][Medline] .
33.    The scientific community expressed doubts, for example, about the
patenting of expressed sequence tags (ESTs) of DNA of unknown functionality.
The U.S. Patent and Trademark Office thereafter issued new guidelines to
require a known utility for patenting of ESTs that substantially alleviated,
even if they did not totally resolve, this threat to science from overbroad
patent rights.
34.    Directive 96/9/EC of the European Parliament and of the Council of
11 March 1996 on the Legal Protection of Databases, 1996 O.J (L 77) 20.
35.    For a critical commentary on the EU database directive and kindred
U.S. legislation, see, e.g., J. H. Reichman and P. Samuelson, Vanderbilt Law
Rev. 50, 51 (1997) .
36.    See, e.g., National Research Council, Bits of Power: Issues in Global
Access to Scientific Data (National Academy of Sciences Press, Washington,
DC, 1997) (expressing concern about European Union-style database
protection). 
37.    The role of scientific organizations in facilitating changes in U.S.
policy is recounted in (38).
38.    P. Samuelson, Va. J. Intl. Law 37, 369 (1997) .
39.    These efforts are recounted by J. H. Reichman and P. F. Uhlir
[Berkeley Technol. Law J. 14, 793 (1999)].
40.    I gratefully acknowledge research support from NSF grant SEC-9979852.
10.1126/science.1063764
Include this information when citing this paper.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide!
http://us.click.yahoo.com/JNm9_D/33_CAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:46 PDT