[3366] in Kerberos
Re: DES export to Europe
daemon@ATHENA.MIT.EDU (Rob Shirey)
Fri Jun 3 01:19:57 1994
To: kerberos@MIT.EDU
Date: 2 Jun 1994 20:45:38 GMT
From: Rob Shirey <shirey@mitre.org>
mvbr@btma06.god.bel.alcatel.be (Marc Verbruggen)
This message from 1992 may be of help.
Regards, -Rob- Robert W. Shirey SHIREY@MITRE.ORG
tel 703.883.7210, sec 703.883.5749, fax 703.883.1397
Info. Security Div., The MITRE Corp., Mail Stop Z231
7525 Colshire Drive, McLean, Virginia 22102-3481 USA
Folks,
As most of you have seen, I whipped up a crib sheet on the rules
governing export of cryptographic products from the U.S. I've now
transformed that crib sheet into an ASCII to make it easy to send
around the net IT's attached below for your review and comment.
Ideally, this ought to be part of a larger document which covers the
basic concepts and rules. (This has been a back-burner work item
within the SAAG for man moons.)
Interest in this topic is heating up. At the last IETF meeting, Phill
Gross asked for a plenary presentation on all of this at the next IETF
meeting. since the IETF meeting will be in D.C. in November, we may
be able to have some expert from the government give the talk;
otherwise one of us can present it.
I've put together a brief mailing list of people who should
participate in this discussion. We can expand it to a full-scale
mailing list if we want, or we can keep it focused. My primary aim is
the accumulate an accurate picture of what the rules are; I'm *not*
interested, at least in this forum, in protracted discussion on the
merits of these rules.
Thanks,
Steve
+-------------------------------------+-------------------------------+
| Steve Crocker | Voice: 301-854-6889
|
| Trusted Information Systems | FAX: 301-854-5363
|
| 3060 Washington Road
|-------------------------------|
| Glenwood, MD 21738 | Internet: crocker@tis.com
|
+-------------------------------------+-------------------------------+
Summary of Export Rules for Products
Containing Cryptographic Functions
Stephen D. Crocker
July 26, 1992
For use within/by
Security Algorithm U.S. & Banks & All
Service Used Canada U.S. Subs Other
Integrity, RSA A C C
Signature &
Access Ctl DES A C C
Other A C C
Symmetric
Key RSA B F F
Management
DES B E E
Other B E E
Symmetric
Encryption RSA B G G
DES B D G
Other B F F
Symmetric
Key
A No restriction.
B No restriction. A label is recommend which warns that export of
the product requires a license.
C A license is required. A general Commerce Department commodity
license is available except for shipments to Eastern bloc
countries. Individual licenses are needed for shipment to Eastern
bloc countries and are generally granted.
D A State Department license is required and will generally be
granted.
E An export license is needed. Each application will be examined on
a case-by-case basis. For some products, a Commerce Department
commodity license may be available.
F An export license is required and is generally granted provided
the modulus does not exceed 512 bits.
G An export license is required and generally will NOT be granted.
