[6164] in cryptography@c2.net mail archive
Re: 128-bit support
daemon@ATHENA.MIT.EDU (David Honig)
Wed Dec 1 14:34:44 1999
Message-Id: <3.0.5.32.19991201083530.007fdc40@pop.sprynet.com>
Date: Wed, 01 Dec 1999 08:35:30 -0800
To: "Enzo Michelangeli" <enzom@bigfoot.com>, <cryptography@c2.net>
From: David Honig <honig@sprynet.com>
In-Reply-To: <00aa01bf3bf0$405279c0$efcf54ca@asiainter.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
At 07:35 PM 12/1/99 +0800, Enzo Michelangeli wrote:
>----- Original Message -----
>From: David Honig <honig@sprynet.com>
>To: Bill Stewart <bill.stewart@pobox.com>; <kris@cmcltd.com>;
><cryptography@c2.net>
>Sent: Wednesday, December 01, 1999 5:40
>Subject: Re: 128-bit support
>
>
>> Way too funny. India recommends *not* using american security
>> software.
>
>Speaking about which: isn't Certification Authority software subject to EAR
>export controls? I'm asking because Hongkong Post (the Hong Kong Post
>Office) has announced that they will start to offer CA services (being in
>fact the first legally recognized local CA), and will use a system provided
>by HP. HP swears that there are no backdoors or covert channels to leak bits
>of the CA's root key, and Hongkong Post believes them, but then I wonder how
>they got an export license.
>
>Cheers --
>
>Enzo
A CA is for authentication. This is OK to export (and shown to
be stupid by Rivest's Chaffing & Winnowing construction).
All HP would have needed is to demonstrate you can't use
their product for arbitrary secure messaging.
IANAL.
