From: "Jim Burnes" <jim.burnes@n-o--s-p-a-m.ssds.com>
Date: Tue, 30 Sep 1997 04:11:37 +0800
To: cypherpunks@toad.com
Subject: Crypto Legality Question
Message-ID: <199709291924.NAA24744@denver.ssds.com>
MIME-Version: 1.0
Content-Type: text/plain



I have a theoretical situation which some person or
lawyer might know the answer to.  (not that lawyers are
not people...oh never mind).

Anyway..

ACME corporation, a mostly Canadian outfit with a major
subsidiary in the US, wants to roll out corporate wide crypto.

Most of their network operations are in the US except one
of their offices in Ireland.

Question (1): Can they buy a strong crypto package in the
US and physically roll it out to both Canada and Ireland.

Question (2): If Canada is OK, but Ireland is out of the
question, can Irish employees simply procure a compatible
strong crypto package from, say, Finland?  This assumes
that the message traffic from the Irish office to the US is
not covered by commerce dept regs, just the export of
software.  Since software isnt being exported, is everything
legal?

Thanks,

Jim Burnes


Jim Burnes
Engineer, Western Security, SSDS Inc
jim.burnes@ssds.com
----
When the world is running down
Make the best of what's still around
                   - Sting