From: Scott Brickner <sjb@austin.ibm.com>
Date: Tue, 25 Jul 95 09:59:56 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <199507250455.AAA13908@bb.hks.net>
Message-ID: <9507251659.AA16288@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199507250455.AAA13908@bb.hks.net> Lucky Green writes:
>
>In article <m0saTpk-0005BTC@nrk.com>, wb8foz@nrk.com (David Lesher) wrote:
>
>>marc:
>>> However, goods of U.S. origin are export restricted, unless said
>>> goods are further processed outside the U.S. so as to result in a
>>> substantial change in value, so some of the PGP development would
>>> need to be done in Canada.
>>
>>How about compiling it? THAT is "further processing"......
>
>I am not sure that would hold. After all, the disk with the source code to
>"Applied Cryptography" was denied an export license, because the source
>code could be compiled into libraries.

So?  The ITAR doesn't control export to Canada.  Export the source code
to Canada, compile, validate, sign, and put on CD in Canada, and export
to the world.

I also seem to remember a while back (Mar/Apr) someone reported here that the
Canadian bureaucrat responsible for executing import/export rules said
that he didn't consider crypto to be restricted by Canada's rules.