Re: Export Strong Crypto (was: reference)

Ben Laurie (ben@algroup.co.uk)
Sat, 21 Mar 1998 12:36:40 +0000

• Next message: Ian Goldberg: "Re: ciphertext stealing in CBC mode"
• Previous message: Anonymous: "Re: Export Strong Crypto (was: reference)"
• Next in thread: James A. Donald: "Re: Export Strong Crypto (was: reference)"

Interesting, isn't it, that the requirements are a combination of
nonsense and lies...

Anonymous wrote:
> (A) Ensuring that the facility from which the software is available
> controls the access to and transfers of such software through such
> measures as:
> (1) The access control system, either through automated means or
> human intervention, checks the address of every system requesting or
> receiving a transfer and verifies that such systems are located within
> the United States;

Huh? How? Even if it were possible - I have logins on machines in the
US, so I can pass this requirement, no problem.

> (2) The access control system, provides every requesting or
> receiving party with notice that the transfer includes or would include
> cryptographic software subject to export controls under the Export
> Administration Act, and that anyone receiving such a transfer cannot
> export the software without a license; and

Not so: the act does not apply to me.

> (3) Every party requesting or receiving a transfer of such software
> must acknowledge affirmatively that he or she understands that the
> cryptographic software is subject to export controls under the Export
> Administration Act and that anyone receiving the transfer cannot export
> the software without a license; or

Now I'm required to acknowledge something that isn't true!

Even if we ignore these problems, this doesn't actually enforce my
understanding of the export restrictions: under these rules a foreign
national on US soil can gain access to the s/w. I thought that wasn't
allowed?

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686|  Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |
A.L. Digital Ltd,     |Apache-SSL author    http://www.apache-ssl.org/
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache

• Next message: Ian Goldberg: "Re: ciphertext stealing in CBC mode"
• Previous message: Anonymous: "Re: Export Strong Crypto (was: reference)"
• Next in thread: James A. Donald: "Re: Export Strong Crypto (was: reference)"