From: “Pat Farrell” <pfarrell@netcom.com>
To: cypherpunks@toad.com
Message Hash: cbc593aa7ed77685a7d7fa45235472718c55b6062a045ab39edc28b7b52c95bc
Message ID: <70723.pfarrell@netcom.com>
Reply To: N/A
UTC Datetime: 1996-01-04 01:35:05 UTC
Raw Date: Thu, 4 Jan 1996 09:35:05 +0800
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 4 Jan 1996 09:35:05 +0800
To: cypherpunks@toad.com
Subject: RE: crypto (semi-)export issue
Message-ID: <70723.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
m5@dev.tivoli.com (Mike McNally) writes:
> Isn't it the case that there are loopholes or explicit exceptions in
> crypto export regulations that allow American businesses to supply
> their overseas operatives with tools for secure communication back
> home? We were discussing today some stuff about our web server, and
> there's some desire to provide secure access for our sales people to
> internal junk. Nobody was sure whether it'd be OK for our people in
> the Evil Empire (Europe) to have the 128-bit-RC4 Netscape for that
> purpose.
At the December NIST Key Escrow/GAK export meeting, Mike Nelson said that
there are rules that allow US companies to "easily" export strong encryption
to their overseas operations. The important (key :-) idea
is that the export is to protect the corporate assetts of US companies.
He seemed to imply that exporting, say PGP, for internal corporate use
was fine and easily done.
Other folks later claimed that this wasn't quite as easy as he claimed.
For more, see, http://www.isse.gmu.edu/~pfarrell/nist/pdf.nist2.html
Pat
Pat Farrell Grad Student http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage #include <standard.disclaimer>
Return to January 1996
Return to ““Pat Farrell” <pfarrell@netcom.com>”
1996-01-04 (Thu, 4 Jan 1996 09:35:05 +0800) - RE: crypto (semi-)export issue - “Pat Farrell” <pfarrell@netcom.com>