From: Oliver Huf <ohuf@relay.sedat.de>
To: cypherpunks@toad.com
Message Hash: 0dd271000ddbc0e5ccd4a1a7ccf7741ccefd501c9bcdc3ae4280c38f8be8f632
Message ID: <Pine.NXT.3.91.951207171726.21974V-100000@oe1>
Reply To: <9512062236.AA01307@alpha>
UTC Datetime: 1995-12-07 16:30:16 UTC
Raw Date: Thu, 7 Dec 95 08:30:16 PST
From: Oliver Huf <ohuf@relay.sedat.de>
Date: Thu, 7 Dec 95 08:30:16 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <9512062236.AA01307@alpha>
Message-ID: <Pine.NXT.3.91.951207171726.21974V-100000@oe1>
MIME-Version: 1.0
Content-Type: text/plain
I don't know the US-Export regulations very well, so please
allow a quick one:
Maybe a legal way around the keysize-regulation would be:
Many US companies have subsidiaries <sp?> outside the US.
Some of them are leaded by non-US-citizens.
1) The U.S.-company engineers a software with strong (but legal)
crypto for use inside the U.S. The program is sold in the U.S.
At the same time the company exports the sourcecode of the
program *without* any crypto at all to their subsidiaries.
(should be legal)
2) one or more of the subsidiaries include "self-engineered"
crypto-routines into the program-"hull" they received
from inside the U.S.
This program is sold in th subsidiaries countries (Europe etc.)
Two things have to be assured:
- Both crypto-routines have to be compatible
- No U.S.-citizens must be involved in the engineering of the
subsidiaries crypto-routines.
Any comments?
ohuf.
Return to December 1995
Return to “Oliver Huf <ohuf@relay.sedat.de>”