From: Adam Back <aba@dcs.ex.ac.uk>
Date: Wed, 25 Jun 1997 00:25:02 +0800
To: iang@systemics.com
Subject: Re: spook pressure on crypto exports
In-Reply-To: <19970624103615.4100.qmail@aaa.aaa-mainstreet.nl>
Message-ID: <199706241511.QAA00479@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain




Ian Grigg <iang@systemics.com> writes:
> Bill said:
> > ... and have been trying to work on the Irish...)
> 
> and Adam said:
> > Ireland is new to me.  What's their problem?
> 
> Ditto!  I'd like to know because ...
> 
> > Who's exporting things to attract spook export attention over there? 
> 
> Systemics is an Irish company, and so is Baltimore, and we both
> are 'exporters' depending on one's viewpoint.  

So's SSE (subsidiary of Siemens-Nixdorf).  But that's mostly/all
defense stuff, so they're presumably in thick with the military
intelligence, and export permission would be a snip for them.

> I don't know about Baltimore, but there is not a lot of pressure
> they can put on Systemics, as the majority of the Cryptix effort is
> now handed over to non-Systemics people.  That's the beauty of
> freeware.

Ireland allows intangible export, no permission required, same as UK.
They do say they would like a list of customers after the fact, but
that's just would like, not you are required to give or else.
(Clearly it would be a bit difficult to list the customers off your
open access web page).

For tangible exports you need permission, much as in the UK.  I get
the impression that the `open for business' attitude (love that 10%
corporate tax break, is systemics getting this?) would mean you'd get
an easier time than in the UK.  They promise fast efficient turn
around on export applications.  (Unlike NZ MFAT, reread Peter
Gutmann's story of down under intrigue on http://jya.com/nsazeal.htm
amazing, nearly bankrupted the company!)

> In contrast, I have been told that Ireland represents a prime place
> for this sort of stuff, as there are no restrictions whatever.

I think it's better than say UK.  But clearly not `no restrictions' at
least for tangible exports re above comments.

I don't know how this works out in practice, what they give tangible
export permission to, etc.

Adam
-- 
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`