[3515] in cryptography@c2.net mail archive
Re: IAB, BXA, Cisco, Reinsch, Aarons - Private Doorbells
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Mon Oct 19 20:02:11 1998
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@c2.net
Reply-To: pgut001@cs.auckland.ac.nz
Date: Tue, 20 Oct 1998 01:44:23 (NZDT)
Vin McLellan <vin@shore.net> writes:
>Getting a crypto export license in the US is not a public or transparent
>process. In recent years, the government approval process has typically
>involved such arbitrary judgements on the part of the Commerce Department and
>NSA staff that there has been no rational way of predicting if a product will
>be approved or not. Such a process leaves a lot of room for quiet deals and
>maximizes the government 's ability to apply pressure on corporations.
I've run into the same problem here. After a series of letters to the
Ministry of Foreign Affairs and Trade to try and pin down exactly what their
export requirements were, they finally told me that it wasn't possible for me
to try and figure them out, the only way to tell whether something was
exportable was to ask them and wait for a yes/no answer (the wording was
something like "Despite the guidelines we've given you so far, it is the job
of the Ministry, not you, to decide what is and isn't exportable". This may
have been prompted by my asking them "So a monoalphabetic substitution cipher
with a 2048-bit key isn't exportable but an EC PKC with a 160-bit key is?" :-).
Peter.
