1996-03-27 - Re: About Triple DES ……

Header Data

From: Rich Graves <llurch@networking.stanford.edu>
To: Victor Ramon Aguilar Ocampo <aguilar@servidor.dgsca.unam.mx>
Message Hash: 66efe188e3aec926d54cf1051a525fc78ec5744c2606184221935315d8553147
Message ID: <Pine.SUN.3.92.960326124610.23985A-100000@elaine41.Stanford.EDU>
Reply To: <Pine.SV4.3.91.960326141838.9870D-100000@servidor>
UTC Datetime: 1996-03-27 07:22:17 UTC
Raw Date: Wed, 27 Mar 1996 15:22:17 +0800

Raw message

From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 27 Mar 1996 15:22:17 +0800
To: Victor Ramon Aguilar Ocampo <aguilar@servidor.dgsca.unam.mx>
Subject: Re: About Triple DES ......
In-Reply-To: <Pine.SV4.3.91.960326141838.9870D-100000@servidor>
Message-ID: <Pine.SUN.3.92.960326124610.23985A-100000@elaine41.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Victor Ramon Aguilar Ocampo escribe:

>    Please let me know if TRIPLE DES is regulated by the same rules than
> the others criptography systems in USA.

Yes. Apparently there's even a standard place on the export request forms
to check off "please resubmit without triple-DES support." If this is
something you want to be able to take across the border, you need to get
it from a non-US source.

>    We want to use it here in National Autonomous University of Mexico, so
> we don't want to get jailed.

You wouldn't be jailed, since as far as I know, it's perfectly legal for
you to use DES. It's just illegal for anyone in the US or Canada to give
it to you.

It's possible that some NAFTA working group has written regulations to
make Mexico answerable for ITAR violations, but I seriously doubt it.