[1333] in Kerberos
DES and export
daemon@ATHENA.MIT.EDU (Chris Riddick)
Mon Apr 8 19:35:44 1991
From: nss1!cjr@uunet.UU.NET (Chris Riddick)
To: uunet!servio!penneyj@uunet.UU.NET
Cc: cjr@uunet.UU.NET, kerberos@ATHENA.MIT.EDU
Date: Mon, 8 Apr 91 16:51:58 EDT
To the best of my understanding of government restrictions, you cannot
export any product with DES embedded in it if the encryption is for
data confidientiality services. There appear to be some exportable
applications if the encryption is used solely for authentication. In
this case, the encryption service must not be accessible by the user
or programmer.
OSF is facing this problem "Big-Time" because of the extensive participa-
tion of foreign vendors and the need to provide compatible versions for
both U.S. and overseas consumption.
The only exception to the export restrictions is from U.S. to our
good buddies in Canada. We can export encryption to Canada.
Chris Riddick
UUNET: uunet!nss1!cjr
Internet: nss1!cjr@UUNET.UU.NET
USSnail: Simpact Associates, Inc.
12007 Sunrise Valley Drive
Reston, Virginia 22091
Phone: 703-758-0190 x2156
FAX: 703-758-0941
