[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NSA, ITAR, NCSA and plug-in hooks.



>> For those who were wondering if plug-in crypto hooks were still watched 
>> out for. One wonders how the ietf folks are managing to promote internet-wide
>> standards that are considered unexportable (Are they? What's the deal on 
>> photuris, PEM, ipsec and the rest of them?)

> Does anyone know the ostensible justification for this?  What section of
> the ITARs do they point to when they say "this is illegal"?  I've perused
> an online copy of ITAR (no, I haven't read all of it -- I have other
> things I want to do this year :-), but I can't find a section that could
> be construed to support this contention.

Luckily, a lot of cryptographic materials are available outside the
United States (see e.g. http://www.cs.hut.fi/crypto for pointers).

If the United States chooses to restrict export of IP security
products, it simply helps create a flourishing network security
and other communications industry in other countries.  There are
already several implementations of the IP security stuff abroad -
including at least one in the former Soviet Union.

    Tatu