From: volley@lls.se (Pelle Claesson)
Date: Sun, 25 Feb 1996 09:28:58 +0800
To: cypherpunks@toad.com
Subject: S/MIME outside the US?
Message-ID: <minimail_3130166c_9f453@lls.se>
MIME-Version: 1.0
Content-Type: text/plain


(I'm doing some research on different security standards, as I'm
about to write an email/news program. Have been reading this list
for quite a while, and it's time to delurk.)


This is a quote from the S/MIME FAQ, as found on RSA's WWW server:

"S/MIME recommends three symmetric encryption algorithms: DES,
Triple-DES, and RC2.  The adjustable keysize of the RC2 algorithm
makes it especially useful for applications intended for export
outside the U.S.  RSA is the required public-key algorithm."

If I got things right, DES is "exportable" as long as the keysize
is kept under a certain size, which is too small to be really secure?
If that's the case, I guess RC2 is the last resort? Is it good enough,
or do I have to leave out S/MIME support, and just communicate with
people outside the U.S or something?


IMHO, these export restrictions on cryptography are completely insane.
Is there *any* way to bypass them (except for breaking the law)?


--
volley@lls.se