From: Bill Stewart <stewarts@ix.netcom.com>
To: Ted Cabeen <cabeen@netcom.com>
Message Hash: ee04d429083b1cae63272b01122e8d7e51e0787817ff9e9d1be19b11f7877e6e
Message ID: <199512030324.TAA07279@ix5.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-12-03 03:46:50 UTC
Raw Date: Sun, 3 Dec 1995 11:46:50 +0800
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 3 Dec 1995 11:46:50 +0800
To: Ted Cabeen <cabeen@netcom.com>
Subject: Re: Use of PGP as an export?
Message-ID: <199512030324.TAA07279@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 09:09 PM 12/2/95 -0800, Ted Cabeen <cabeen@netcom.com> wrote:
>I think this has been brought up before, but I could only find one reference
>to it in the archives and it wasn't too helpful, so I'll ask again. If a
>university provided a copy of PGP for use on their unix machines and a
>non-resident, non-citizen *used* the copy of PGP on the server, but did not
>download it onto their own machine, but instead just ran PGP on the server
>alone, would it be a violation of the ITAR? My school is interested in
>putting a copy of PGP on the university server and wants to know if they
>should somehow restrict access to citizens and legal residents only. Thanks.
That's not giving technical data to the foreigner, that's providing a service;
the ITAR doesn't seem to restrict that. It's not an especially secure way to
operate, but that's an inherent problem with multi-user systems or file servers.
One way to implement it that would be only mildly insecure would be to put PGP
on a file server, with execute-only permissions; users of client machines
still could be attacked by somebody faking out NFS, but they wouldn't have
to send their passphrases across the net the way they would in a telnet session.
#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?
Return to December 1995
Return to “Bill Stewart <stewarts@ix.netcom.com>”
1995-12-03 (Sun, 3 Dec 1995 11:46:50 +0800) - Re: Use of PGP as an export? - Bill Stewart <stewarts@ix.netcom.com>