[3379] in Kerberos
Re: DES export to Europe
daemon@ATHENA.MIT.EDU (73751.67@compuserve.com)
Sat Jun 4 03:25:55 1994
To: kerberos@MIT.EDU
Date: Fri, 03 Jun 94 18:31:32 EDT
From: 73751.67@compuserve.com
In article <2slgdi$d4u@linus.mitre.org>, <shirey@mitre.org> writes:
> Path: cisdfl01!meaddata!babbage.ece.uc.edu!news.kei.com!MathWorks.Com!blanket.mitre.org!linus.mitre.org!shirey-mac.mitre.org!shirey
> From: Rob Shirey <shirey@mitre.org>
> Newsgroups: alt.security,comp.protocols.kerberos
> Subject: Re: DES export to Europe
> Date: 2 Jun 1994 20:45:38 GMT
> Organization: The MITRE Corporation, McLean, Virginia, USA
> Lines: 109
> Distribution: world
> Message-ID: <2slgdi$d4u@linus.mitre.org>
> References: <2ska0p$eeh@btmplq.god.bel.alcatel.be>
> NNTP-Posting-Host: shirey-mac.mitre.org
> X-Newsreader: Nuntius Version 1.2
> X-XXMessage-ID: <AA13BD94D2018C64@shirey-mac.mitre.org>
> X-XXDate: Thu, 2 Jun 1994 16:47:16 GMT
>
> mvbr@btma06.god.bel.alcatel.be (Marc Verbruggen)
>
> This message from 1992 may be of help.
>
> Regards, -Rob- Robert W. Shirey SHIREY@MITRE.ORG
> tel 703.883.7210, sec 703.883.5749, fax 703.883.1397
> Info. Security Div., The MITRE Corp., Mail Stop Z231
> 7525 Colshire Drive, McLean, Virginia 22102-3481 USA
>
> Folks,
>
> As most of you have seen, I whipped up a crib sheet on the rules
> governing export of cryptographic products from the U.S. I've now
> transformed that crib sheet into an ASCII to make it easy to send
> around the net. It's attached below for your review and comment.
>
> Ideally, this ought to be part of a larger document which covers the
> basic concepts and rules. (This has been a back-burner work item
> within the SAAG for many moons.)
>
> Interest in this topic is heating up. At the last IETF meeting, Phill
> Gross asked for a plenary presentation on all of this at the next IETF
> meeting. Since the IETF meeting will be in D.C. in November, we may
> be able to have some expert from the government give the talk;
> otherwise one of us can present it.
>
> I've put together a brief mailing list of people who should
> participate in this discussion. We can expand it to a full-scale
> mailing list if we want, or we can keep it focused. My primary aim is
> to accumulate an accurate picture of what the rules are; I'm *not*
> interested, at least in this forum, in protracted discussion on the
> merits of these rules.
>
> Thanks,
>
> Steve
>
>
> +-------------------------------------+-------------------------------+
> | Steve Crocker                       | Voice: 301-854-6889           |
> | Trusted Information Systems         | FAX: 301-854-5363             |
> | 3060 Washington Road                |-------------------------------|
> | Glenwood, MD 21738                  | Internet: crocker@tis.com     |
> +-------------------------------------+-------------------------------+
>
> Summary of Export Rules for Products
> Containing Cryptographic Functions
>
> Stephen D. Crocker
> July 26, 1992
>
>                                    For use within/by
>
> Security       Algorithm      U.S. &      Banks &       All
> Service        Used           Canada      U.S. Subs     Other
>
>
> Integrity,     RSA            A           C             C
> Signature &
> Access Ctl     DES            A           C             C
>
>                Other          A           C             C
>                Symmetric
>
>
> Key            RSA            B           F             F
> Management
>                DES            B           E             E
>
>                Other          B           E             E
>                Symmetric
>
>
> Encryption     RSA            B           G             G
>
>                DES            B           D             G
>
>                Other          B           F             F
>                Symmetric
>
>
> Key
>
> A No restriction.
>
> B No restriction. A label is recommended which warns that export of
> the product requires a license.
>
> C A license is required. A general Commerce Department commodity
> license is available except for shipments to Eastern bloc
> countries. Individual licenses are needed for shipment to Eastern
> bloc countries and are generally granted.
>
> D A State Department license is required and will generally be
> granted.
>
> E An export license is needed. Each application will be examined on
> a case-by-case basis. For some products, a Commerce Department
> commodity license may be available.
>
> F An export license is required and is generally granted provided
> the modulus does not exceed 512 bits.
>
> G An export license is required and generally will NOT be granted.
Steve,

Forgive me if these are "dumb" questions but:

- By U.S. Subs do you mean subsidiaries of U.S.-based corporations?
- Could you please elaborate on what "Other Symmetric" might consist of?
- Is there (do you have) a contact (name, number, etc.) of the appropriate department within State or Commerce one would contact about obtaining necessary licenses?
- By RSA, are you including all forms of public key encryption or only certain ones?
- How long, in your experience, do these licenses generally take to obtain?

Thanks very much for your help and this excellent information.

Pete