[740] in Kerberos
Change in Export Rules
daemon@TELECOM.MIT.EDU (Scott Lawrence)
Wed Jun 21 10:00:08 1989
To: Info Kerberos <kerberos@ATHENA.MIT.EDU>
From: Scott Lawrence <lawrence@S47.PRIME.COM>
At last weeks NIST OSI Implementors Workshop Security SIG meeting, Lou Giles
of the NSA said that the government is officially relaxing some of the
restrictions on export of strong cryptography. Wherever cryptography is used
only to provide authentication and integrity services, but does not provide a
confidentiality service, export will be permitted regardless of the strength
of the cryptography (I specifically asked about both DES and RSA). Licenses
will be issued by the Dept of Commerce rather than the Dept of State, which
will continue to control export of cryptography for confidentiality purposes.
He expects the official announcement of the policy change to appear in the
Federal Register in the next few weeks.
For those of us who intend to build exportable products incorporating
Kerberos, this is very good news. We will have to remove the privacy
routines, but otherwise it looks like Kerberos can be made exportable.
---
Scott Lawrence | Internet: lawrence@s47.Prime.COM
Communications Engineering | Usenet: {sun,decvax}!cvbnet!s47.Prime.COM!lawrence
Prime Computer, Inc. | Phone: [508] 879-2960 Voice: x3704 Fax: x3901
