[13091] in Cypherpunks
Re: Keyserver service outage
daemon@ATHENA.MIT.EDU (Eli Brandt)
Thu May 5 04:40:58 1994
To: cypherpunks list <cypherpunks@toad.com>
Date: Thu, 5 May 94 1:36:25 PDT
From: Eli Brandt <ebrandt@jarthur.cs.hmc.edu>
In-Reply-To: <Pine.3.89.9405050930.A220-0100000@newdaisy.ee.und.ac.za>; from "Alan Barrett" at May 5, 94 9:20 am
> It is my understanding that folk outside the USA can legally run PGP
> versions from 2.0 to 2.3a, but cannot legally run Viacrypt 2.4 or the
> RSAREF-based version 2.5, because they contain code that cannot be
> exported from the USA.
Think about this. Under whose law would your running PGP 2.5 be
illegal? Your country's perhaps, I don't know. But the U.S. has
no law against foreigners (who aren't under its jurisdiction, anyway)
using encryption.
Now, it's illegal under the ITAR for someone in the U.S. to export
any version of PGP, or almost any crypto software. This is for
National Security reasons, natch. And most U.S. use of pre-2.4
versions probably infringes on RSA's patent on the math behind PGP.
But once it's over the border, none of this matters (until GATT
extends the miracle of uniform software patents to its signatories).
Eli ebrandt@hmc.edu
