1994-05-05 - Re: Keyserver service outage

Header Data

From: Eli Brandt <ebrandt@jarthur.cs.hmc.edu>
To: cypherpunks list <cypherpunks@toad.com>
Message Hash: db4c8d51754d3a1c63e09fe88c066231d87ff37b61ba324a05f3a0af72526888
Message ID: <9405050836.AA13734@toad.com>
Reply To: <Pine.3.89.9405050930.A220-0100000@newdaisy.ee.und.ac.za>
UTC Datetime: 1994-05-05 08:36:37 UTC
Raw Date: Thu, 5 May 94 01:36:37 PDT

Raw message

From: Eli Brandt <ebrandt@jarthur.cs.hmc.edu>
Date: Thu, 5 May 94 01:36:37 PDT
To: cypherpunks list <cypherpunks@toad.com>
Subject: Re: Keyserver service outage
In-Reply-To: <Pine.3.89.9405050930.A220-0100000@newdaisy.ee.und.ac.za>
Message-ID: <9405050836.AA13734@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> It is my understanding that folk outside the USA can legally run PGP
> versions from 2.0 to 2.3a, but cannot legally run Viacrypt 2.4 or the
> RSAREF-based version 2.5, because they contain code that cannot be
> exported from the USA.

Think about this.  Under whose law would your running PGP 2.5 be
illegal?  Your country's perhaps, I don't know.  But the U.S. has
no law against foreigners (who aren't under its jurisdiction, anyway)
using encryption.

Now, it's illegal under the ITAR for someone in the U.S. to export
any version of PGP, or almost any crypto software.  This is for
National Security reasons, natch.  And most U.S. use of pre-2.4 
versions probably infringes on RSA's patent on the math behind PGP.
But once it's over the border, none of this matters (until GATT
extends the miracle of uniform software patents to its signatories).

   Eli   ebrandt@hmc.edu






Thread