1996-11-02 - Re: ITAR financial crypto exception?

Header Data

From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com
Message Hash: 92cc5a5ba0e5c59e97360dc6de81407be77e0c937949342313f852510ffe34e8
Message ID: <199611021806.KAA05269@netcom6.netcom.com>
Reply To: N/A
UTC Datetime: 1996-11-02 18:06:15 UTC
Raw Date: Sat, 2 Nov 1996 10:06:15 -0800 (PST)

Raw message

From: frantz@netcom.com (Bill Frantz)
Date: Sat, 2 Nov 1996 10:06:15 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: ITAR financial crypto exception?
Message-ID: <199611021806.KAA05269@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  8:25 PM 11/1/96 -0800, Greg Broiles quoted:
>According to the "United States Munitions List", 22 CFR 121.1, Category
>XIII, "Auxiliary Military Equipment":
>
>"Information Security Systems and equipment, cryptographic devices,
>software, and components specifically designed or modified therefor" are
>included in the munitions list; but not if they are 
>
>"[s]pecially designed, developed or modified for use in machines for
>banking or money transactions, and restricted to use only in such
>transactions. Machines for banking or money transactions include automatic
>teller machines, self-service statement printers, point of sale terminals
>or equipment for the encryption of interbanking transactions." (22 CFR
>121.1, Category XIII (b)(1)(ii)),
>
>or if they are 
>
>"[l]imited to access control, such as automatic teller machines,
>self-service statement printers or point of sale terminals, which protects
>password or personal identification numbers (PIN) or similar data to prevent
>unauthorized access to facilities but does not allow for encryption of
>files or
>text, except as directly related to the password of PIN protection." (22
>CFR 121.1, Category XIII (b)(1)(v)).

I don't think either of these exclusions would cover the reference
implementation of the SET protocol.  I don't think it would cover an
electronic commerce application running on a personal computer/workstation
either.  Therefore I conclude that the ITAR is contributing to the
vulnerability of our emerging electronic commerce infrastructure.


-------------------------------------------------------------------------
Bill Frantz       | Tired of Dole/Clinton?     | Periwinkle -- Consulting
(408)356-8506     | Vote 3rd party.  I'm       | 16345 Englewood Ave.
frantz@netcom.com | Voting for Harry Browne    | Los Gatos, CA 95032, USA







Thread