1997-09-30 - Re: Crypto Legality Question

Header Data

From: geeman@best.com
To: Adam Back <rodger@worldnet.att.net
Message Hash: 8070d31fdc4da1bf68e827aa13827ec1c9a281b2524609f92e16328810e5df9b
Message ID: <3.0.32.19970930094118.006edce0@best.com>
Reply To: N/A
UTC Datetime: 1997-09-30 18:07:04 UTC
Raw Date: Wed, 1 Oct 1997 02:07:04 +0800

Raw message

From: geeman@best.com
Date: Wed, 1 Oct 1997 02:07:04 +0800
To: Adam Back <rodger@worldnet.att.net
Subject: Re: Crypto Legality Question
Message-ID: <3.0.32.19970930094118.006edce0@best.com>
MIME-Version: 1.0
Content-Type: text/plain



*My* understanding is that this is violation of United State law,
irespective of Canada.  But hell, IANAL.

At 11:03 PM 9/29/97 +0100, Adam Back wrote:
>
>
>Will Rodger <rodger@worldnet.att.net> writes:
>> At 01:25 PM 9/29/97 +0000, Jim Burnes wrote:
>> >
>> >ACME corporation, a mostly Canadian outfit with a major
>> >subsidiary in the US, wants to roll out corporate wide crypto.
>> >
>> >Most of their network operations are in the US except one
>> >of their offices in Ireland.
>> >
>> >Question (1): Can they buy a strong crypto package in the
>> >US and physically roll it out to both Canada and Ireland.
>> 
>> Nope. Though Canada allows export of strong crypto generally, 
>> Canadians may not re-export US products once they enter the country.
>
>This is not the way I understand it.
>
>You can re-export strong crypto from Canada, you just have to inform
>the appropriate Canadian government department that you have done so.
>
>So procedure is: 1) import software from US, 2) write appropriate
>Canadian export department telling "I'm going to export blah to xyz
>corp offices in Ireland", 3) export it.
>
>That is, there is a loop-hole, you don't have to ask permission for
>export, you just have to inform them you're going to do it.  (You
>might want to check this out with a Canadian lawyer familiar with the
>rules, and loop-holes).
>
>So you informed them.  They can't do anything about it.  They won't
>like it, but they don't have to.
>
>I'm told Kerebos was exported by this route.  US -> Canada -> UK.
>100% legally.
>
>Adam
>-- 
>Now officially an EAR violation...
>Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
>
>print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
>)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
>
>
>
obligatory pgp key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 4.5

mQENAjMPX3sAAAEIAL8U6IqpMkqM3TcIqU/q7iot8pYk4ifVNaNlIYwwoYmPXH/T
dabDzgkQg7h1QsEJU71Ze8EdHmKksfeBEVppJV6X9SyzpFOCgrI/Qr7hMbxnecci
SVk2/B2lf4tUPuqm/DGRfAUcd4iG7Gjhw5GRh9Us/jrEtkqr3iIES+9pSNvrEsgB
xYYR39eaYwe0gheExaO7vtvDDPUM7C3spbcnwOyLCpURpLCAMHUO8DQc2FO/fN4z
TqqIFOect2ea4LYHr0o29RrtY9J85lQj3df8LQvIJWjwzAFfBqOU1KUdXqTayzUj
rvY4ZL/1vhTJ5QmlBJ6ognqwk7PVN0SesspU2okABRG0IGdyZWdnIHBlcnNvbmFs
IDxnZWVtYW5AYmVzdC5jb20+
=H0bC
-----END PGP PUBLIC KEY BLOCK-----






Thread