[43418] in Cypherpunks
Re: NSA, ITAR, NCSA and plug-in hooks.
daemon@ATHENA.MIT.EDU (Tatu Ylonen)
Wed Nov 15 06:45:26 1995
Date: Tue, 14 Nov 1995 21:16:54 +0100
From: Tatu Ylonen <ylo@cs.hut.fi>
To: jeffb@sware.com
Cc: s1113645@tesla.cc.uottawa.ca, cypherpunks@toad.com
In-Reply-To: <199511141758.MAA14695@jafar.sware.com> (jeffb@sware.com)
>> For those who were wondering if plug-in crypto hooks were still watched
>> out for. One wonders how the ietf folks are managing to promote internet-wide
>> standards that are considered unexportable (Are they? What's the deal on
>> photuris, PEM, ipsec and the rest of them?)
> Does anyone know the ostensible justification for this? What section of
> the ITARs do they point to when they say "this is illegal"? I've perused
> an online copy of ITAR (no, I haven't read all of it -- I have other
> things I want to do this year :-), but I can't find a section that could
> be construed to support this contention.
Luckily, a lot of cryptographic materials are available outside the
United States (see e.g. http://www.cs.hut.fi/crypto for pointers).
If the United States chooses to restrict export of IP security
products, it simply helps create a flourishing network security
and other communications industry in other countries. There are
already several implementations of the IP security stuff abroad -
including at least one in the former Soviet Union.
Tatu
