1996-12-12 - New export controls to include code signing applications

Header Data

From: Lucky Green <shamrock@netcom.com>
To: cypherpunks@toad.com
Message Hash: 5d7c118d220e0dd8bf8cfc6d435706bfd79a38741b45734388b398596f6c3137
Message ID: <>
Reply To: N/A
UTC Datetime: 1996-12-12 00:38:50 UTC
Raw Date: Wed, 11 Dec 1996 16:38:50 -0800 (PST)

Raw message

From: Lucky Green <shamrock@netcom.com>
Date: Wed, 11 Dec 1996 16:38:50 -0800 (PST)
To: cypherpunks@toad.com
Subject: New export controls to include code signing applications
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain

It has been speculated in the past that certain crypto schemes, such as
proposed by Microsoft and Sun, using signed crypto plugins might be helpful
to the cause for strong crypto if non-US branches of US software companies
would certify foreign developed crypto software.

According to the recent proposal by Commerce, this will not happen. It will
be illegal to export the software required to sign the code. So much for
the government's claim that they make no attempt to limit the export of
signing-only software.

>From http://www.steptoe.com/commerce.htm

[Listing specific software prohibited from export]
"c.2. "Software" to certify "software" controlled by 5D002.c.1; "

And, btw, virus checkers are also prohibited from export. Makes you wonder.

"c.3. "Software" designed or modified to protect against malicious computer
damage, e.g., viruses;"

-- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred
   Make your mark in the history of mathematics. Use the spare cycles of
   your PC/PPC/UNIX box to help find a new prime.