1994-06-01 - PGP 2.3 vs 2.6 outside the US

Header Data

From: rishab@dxm.ernet.in
To: cypherpunks@toad.com
Message Hash: 0c0b888a993a5e92409490ced2a23835e1946973ec28e87c83496b5ece1afa39
Message ID: <gate.By48mc1w165w@dxm.ernet.in>
Reply To: N/A
UTC Datetime: 1994-06-01 01:38:21 UTC
Raw Date: Tue, 31 May 94 18:38:21 PDT

Raw message

From: rishab@dxm.ernet.in
Date: Tue, 31 May 94 18:38:21 PDT
To: cypherpunks@toad.com
Subject: PGP 2.3 vs 2.6 outside the US
Message-ID: <gate.By48mc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Barber <jeffb@sware.com>:
> While creating a 2.6-like version from 2.3a seems a worthy goal, this
> supporting argument is flawed.  The original PGP was written in the USA
> and, never having received the proper export approvals, must have been
> "illegally exported."   Isn't Phil Zimmerman being "investigated" by a
> grand jury for this even now?  So, it would seem to me that a bulletin
> board carrying any version of PGP holds illegally exported software (wrt
> US law).  How does 2.3a differ from 2.6 in this respect?

2.0 to 2.3a were developed outside the US, released in New Zealand and the
Netherlands, and _imported_ into the US. While a version of 2.3a in India, say,
need not have come from the US, and hence does not indicate an ITAR violation
somewhere, the version of 2.6 in Italian sites got there only because they were
illegally exported from the US.






Thread