From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 27 Mar 1996 15:22:17 +0800
To: Victor Ramon Aguilar Ocampo <aguilar@servidor.dgsca.unam.mx>
Subject: Re: About Triple DES ......
In-Reply-To: <Pine.SV4.3.91.960326141838.9870D-100000@servidor>
Message-ID: <Pine.SUN.3.92.960326124610.23985A-100000@elaine41.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Victor Ramon Aguilar Ocampo escribe:

>    Please let me know if TRIPLE DES is regulated by the same rules than
> the others criptography systems in USA.

Yes. Apparently there's even a standard place on the export request forms
to check off "please resubmit without triple-DES support." If this is
something you want to be able to take across the border, you need to get
it from a non-US source.

>    We want to use it here in National Autonomous University of Mexico, so
> we don't want to get jailed.

You wouldn't be jailed, since as far as I know, it's perfectly legal for
you to use DES. It's just illegal for anyone in the US or Canada to give
it to you.

It's possible that some NAFTA working group has written regulations to
make Mexico answerable for ITAR violations, but I seriously doubt it.

-rich