From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: f1397484c25485efacfe3d83fe8a2f6539bcb4f9acd01dd0c9ceb6ebffb8ffd4
Message ID: <199602290845.AAA03948@ix4.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1996-02-29 21:58:03 UTC
Raw Date: Fri, 1 Mar 1996 05:58:03 +0800
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 1 Mar 1996 05:58:03 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: S/MIME outside the US?
Message-ID: <199602290845.AAA03948@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 10:49 PM 2/24/96 -0500, Lewis wrote:
>volley@lls.se writes:
>> If I got things right, DES is "exportable" as long as the keysize
>> is kept under a certain size, which is too small to be really secure?
>
>All things are exportable as long as the keysize is kept under a certain size,
>which is too small to be really secure.
That's not correct - you can only export crypto code from the US
for which you have Permission, and they'll only give you Permission
if it's weak crypto or you agree to be Well-Behaved (e.g. US banks
can export real DES for talking to other banks, but US banks can be
subpoenaed and forced to hand over the plaintext.)
There have been people who've gotten export permission for modified DES,
e.g. real 56-bit DES with the key chosen from a 40-bit keyspace.
I'm assuming from volley's address that he or she is in Sweden,
and thus not directly limited by US export laws. Write what you want,
and post it somewhere outside the US; we can import it legally.
As a non-American, you probably couldn't get US export permission for
even 40-bit RC4, and maybe not even for rot13.
#--
# Thanks; Bill
# Bill Stewart, stewarts@ix.netcom.com / billstewart@attmail.com +1-415-442-2215
# http://www.idiom.com/~wcs Pager +1-408-787-1281
Return to March 1996
Return to “Peng-chiew Low <pclow@pc.jaring.my>”