From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 1 Mar 1996 05:58:03 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: S/MIME outside the US?
Message-ID: <199602290845.AAA03948@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:49 PM 2/24/96 -0500, Lewis  wrote:
>volley@lls.se writes:
>> If I got things right, DES is "exportable" as long as the keysize
>> is kept under a certain size, which is too small to be really secure?
>
>All things are exportable as long as the keysize is kept under a certain size,
>which is too small to be really secure.  

That's not correct - you can only export crypto code from the US
for which you have Permission, and they'll only give you Permission
if it's weak crypto or you agree to be Well-Behaved (e.g. US banks 
can export real DES for talking to other banks, but US banks can be
subpoenaed and forced to hand over the plaintext.)

There have been people who've gotten export permission for modified DES,
e.g. real 56-bit DES with the key chosen from a 40-bit keyspace.

I'm assuming from volley's address that he or she is in Sweden,
and thus not directly limited by US export laws.  Write what you want,
and post it somewhere outside the US; we can import it legally.
As a non-American, you probably couldn't get US export permission for
even 40-bit RC4, and maybe not even for rot13.

#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com / billstewart@attmail.com +1-415-442-2215
# http://www.idiom.com/~wcs     Pager +1-408-787-1281