From: Kent Crispin <kent@songbird.com>
Date: Thu, 22 May 1997 23:40:47 +0800
To: cypherpunks@EINSTEIN.ssz.com
Subject: News about Sun and Elvis
Message-ID: <19970522072222.19267@bywater.songbird.com>
MIME-Version: 1.0
Content-Type: text/plain


-----Forwarded message from "Judas, Roland" <rj@medos.de>-----
From: "Judas, Roland" <rj@medos.de>
To: "'firewalls@greatcircle.com'" <firewalls@GreatCircle.COM>
Subject: News about Sun and Elvis
Date: Thu, 22 May 1997 09:36:44 +0100
X-Mailer:  Microsoft Exchange Server Internet Mail Connector Version 4.0.995.52
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Sender: firewalls-owner@GreatCircle.COM
Precedence: bulk

---  White House Reviews Sun's Encryption Initiative  ---
By John Fontana, Communications Week

WASHINGTON-The Clinton administration said it is reviewing the 
relationship between Sun Microsystems and a Russian  company that 
produces a strong encryption product, which  Sun is licensing for 
worldwide distribution.
The White House issued a statement last night, saying, "We  are 
reviewing our regulatory posture with Sun to ensure that  their 
arrangement with the Russian encryption company is in  compliance with 
U.S. export controls."
The Department of  Commerce, which is responsible for export 
regulations on strong encryption, stressed that the administration was 
 reviewing the relationship and not conducting an  investigation, a 
spokesman said.
Last week, Sun, in Mountain View, Calif., told Communications Week 
that it had licensed an encryption product from Moscow, Russia-based 
Elvis+ Co., which offers 128-bit keys and would resell it  worldwide 
under the name PC Sunscreen SKIP Elvis+. Sun  has approximately a 10 
percent equity stake in Elvis+, whose product is based on Sun's Simple 
Key Management for IP  (SKIP) protocol. The specification was 
published nearly two  years ago.
Humphrey Polanen, general manager of Sun's security and  electronic 
commerce group, was confident the government  would find Sun "in full 
compliance with the letter of the law."  He said a key factor was that 
Sun offered no technical  assistance in the development of the 
software.
U.S. law bars the export of encryption over 56 bits without 
 government approval. Companies seeking to export 56-bit  products 
must also have a system in place within two years  for key recovery.
Netscape Communications, also of Mountain View, has followed that path 
with its  browser software, but Sun has neither government approval 
 nor a method to recover keys. The administration wants access to keys 
in cases of criminal investigations. It is  concerned that strong 
encryption products could fall into the hands of terrorists, even 
though similar products are  available from nearly 30 foreign 
companies.
The statement from the White House also said it had not  evaluated the 
product and could not comment on it.
If found in violation of export controls, Sun could face civil  and/or 
criminal penalties. Criminal penalties, which would be  handed out by 
the Justice Department, could mean Sun  executive officers would spend 
time in a federal prison. At press time, Sun had not seen the 
announcement and would  not comment.
"The administration may have to go after Sun to protect the  integrity 
of its policy," said Marc Rotenberg, the director of  the Electronic 
Privacy Information Center. "You might see the  ,Zimmerman effect,' 
which would be tremendous public sympathy."
Rotenberg is referring to Phillip Zimmerman, who won a  battle with 
the government over his Pretty Good Privacy  encryption product, which 
was distributed free over the  Internet.
"The White House is at risk by going after a U.S. company  for making 
a good product," Rotenberg said. "This is one  more reason to think 
the administration's cryptography policy  is not long for this 
world."
Three bills attacking the administration's policy are being  discussed 
on Capitol Hill, but only one, the Security and  Freedom through 
Encryption Act, has made it out of  committee. The bill, which was 
authored by Rep. Bob Goodlatte (R-Va), would prohibit mandatory key 
recovery.
President Clinton is opposed to the bill in its current form.

-----End of forwarded message-----

-- 
Kent Crispin				"No reason to get excited",
kent@songbird.com			the thief he kindly spoke...
PGP fingerprint:   B1 8B 72 ED 55 21 5E 44  61 F4 58 0F 72 10 65 55
http://songbird.com/kent/pgp_key.html