From: Moltar Ramone <jlasser@rwd.goucher.edu>
Date: Sat, 1 Jun 1996 07:08:12 +0800
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Java Crypto API questions
In-Reply-To: <v02120d10add4c726d6c2@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.960531114414.23205A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 31 May 1996, Lucky Green wrote:

> At 8:15 5/31/96, Moltar Ramone wrote:
> 
> >My guess would be that the first of these two points answers the second.
> >Everything is exportable -- except signed third-party security packages.
> >My bet would be that the exportable code would not be more than RC4-40 or
> >perhaps 1DES, but that a signed package would go to RC4-128, 3DES, and
> >RSA-1024.  However, the signature on that package would be on the
> >condition that the vendor/distributor of that package follow all export
> >regulations.
> 
> Where does this leave foreign vendors? Will Sun sign the 3DES package of a
> foreign vendor?

Probably.  But they won't be able to export the signed 3DES package :)  
It leaves foreign vendors in trouble, is where.

----------
Jon Lasser (410)532-7138                         - Obscenity  is a crutch  for
jlasser@rwd.goucher.edu                            inarticulate motherfuckers.
http://www.goucher.edu/~jlasser/
Finger for PGP key (1024/EC001E4D)               - Fuck the CDA.