[113805] in cryptography@c2.net mail archive
Re: Changes in Russian licensing of cryptraghical tools
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Tue Jan 22 22:47:16 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: alserkli@inbox.ru, bill.stewart@pobox.com
Cc: cryptography@metzdowd.com
In-Reply-To: <6.2.1.2.1.20080120125940.04b2c980@pop.idiom.com>
Date: Tue, 22 Jan 2008 13:02:54 +1300
Bill Stewart <bill.stewart@pobox.com> writes:
>At 12:23 AM 1/20/2008, Alexander Klimov wrote:
>>Given what is required to get a license (for example, 4.b in the
>>first document, says that one must have people trained in
>>information security), I guess the new law is not supposed to
>>limit use of cryptography by ordinary people, but to limit
>>distribution of snake-oil by self-proclaimed "professionals".
>
>I would have guessed the opposite - it's designed to prevent customized
>encryption solutions that actually work, but not to prevent mass-market
>products. Since you don't need a license for totally inadequate crypto, you
>can still sell snake-oil customized for your users.
Someone who works for a Russian bank told me that it was designed to ensure
that FAPSI got paid [0]. In other words the government recognises that trying
to regulate encryption use is pointless, but since corporates can't afford to
flout the law this measure guarantees a steady cashflow.
Never attribute to malice what can be adequately explained by baksheesh.
Peter.
[0] It's not FAPSI any more now, this was a few years ago. I assume the FSB
now get the money.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
