[1444] in WWW Security List Archive
Re: crypto export laws
daemon@ATHENA.MIT.EDU (Robert W. Shirey)
Wed Feb 7 13:11:25 1996
Date: Wed, 7 Feb 1996 09:36:34 -0500
To: "Prince, Cheryl" <cprince@mfi.com>, www-security@ns2.rutgers.edu
From: "Robert W. Shirey" <rshirey@bbn.com>
Errors-To: owner-www-security@ns2.rutgers.edu
At 3:58 PM 2/6/96, Prince, Cheryl wrote:
>Can anyone give me the facts on the current cryptography export laws for
>internal corporate use? That is, if my company wants to communicate safely
>with
>our own branch offices abroad via WANs, can we use 128 bit encryption for that
>communication? Or are we restricted to 40 bit once the communication
>leaves the
>US (virtual) border?
>
>Much obliged,
>
>CJ Prince
>BS+T
Ms. Prince,
The U.S. export restrictions do not apply to data that has been encrypted
(although other countries do have such restrictions). Instead, the U.S.
restrictions apply to cryptographic equipment and technology information
about encryption. You need to consult with your company's legal department
before sending any such equipment to any foreign branch office and before
exchanging encrypted traffic between the U.S. and another country.
Regards, -Rob-
RShirey@BBN.com, Tel 703-284-4641, Sec 284-4600, Fax 284-4777
Robert W. Shirey, BBN Corporation, Mail Stop 30/4C, Suite 1200,
1300 North Seventeenth Street, Arlington, Virginia 22209-3801 USA
