[1208] in Kerberos_V5_Development
[Shu-jen Chang: Re: export control of SHA]
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Fri May 17 16:59:09 1996
Date: Fri, 17 May 1996 16:58:39 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: krbdev@MIT.EDU, randomizers@MIT.EDU
There may yet be hope that sanity will prevail.....
- Ted
------- Forwarded Message
X-Sender: chang@snad.ncsl.nist.gov
X-Mailer: Windows Eudora Version 2.0.3
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Fri, 17 May 1996 14:35:23 -0400
To: ipsec@TIS.COM
From: Shu-jen Chang <chang@snad.ncsl.nist.gov>
Subject: Re: export control of SHA
Sender: ipsec-approval@neptune.tis.com
Precedence: bulk
>A couple of people have observed in email that SHA-1 is export-controlled from
>the US.
>
>The good news is that SHA-1 is under Commerce Department rules, which means
>that US export licenses should be MUCH MUCH easier to obtain.
>
It is true that SHA-1 is export-controlled. However, according to the folks
at the Computer Security Division, NIST has sent a request to the Commerce
Department asking for a more general authorization for distributing DSS and
SHA-1. The request seemed to be approved. Unfortunately the person who was
handling the case was not available today, therefore, I would have to get
back to you next Monday regarding the specific rules for SHA distribution.
Shu-jen
------- End Forwarded Message
