[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Reinsch On Crypto/Wassenaar




Note I have an article up at wired.com about Reinsch's speech yesterday on
crypto at a defense/critical inf event.

-Declan

At 08:16 PM 12-8-98 -0500, John Young wrote:
>Excerpt from a speech by BXA's William Reinsch on December 7, 
>1998, at the Practising Law Institute conference "Coping with U.S.
>Export Controls." Note final paragraph about detailed crypto 
>session today -- no report on that yet.
>
>Full speech: http://jya.com/war120798-2.htm
>
>Also by him yesterday on crypto: http://jya.com/war120798.htm
>
>[Begin excerpt]
>
>Encryption continues to be a hotly debated issue. As I stated last
>year, the U.S. continues to support a balanced approach to encryption
>policy which considers privacy and commercial interests as well as
>protecting law enforcement and national security interests.
>Furthermore, we also remain committed to promoting the growth of
>global electronic commerce through secure financial and business
>communications.
>
>Our position has always been to seek industry-led, market-driven
>solutions to achieve a balanced approach. What has changed is the
>direction where technology and the market place are taking us. Key
>recovery technology remains a very important part of our policy;
>however, over the past two years, we have recognized that key recovery
>is not a solution for all problems.
>
>That recognition, brought about in part as a result of our ongoing
>dialogue with industry, has helped us also focus on recoverable
>technologies that can enable law enforcement to continue its
>authorized activities.
>
>As a result, on September 16, Vice President Gore unveiled a policy
>update, which will not end the debate, but which does include steps to
>further streamline exports of key recovery products and other
>recoverable products which allow law enforcement, under proper legal
>authority, recovery of plain text.
>
>The update also provides for 1) the export of 56 bit DES worldwide to
>any end user under a license exception; 2) exports of strong
>encryption to U.S. companies and their subsidiaries under a license
>exception; 3) exports of strong encryption to the insurance and
>medical sectors in 45 countries under a license exception; and 4)
>exports of strong encryption to secure on-line transactions between
>on-line merchants and their customers in 45 countries under a license
>exception. This is consistent with our earlier announcement relating
>to financial institutions.
>
>This is an evolutionary process and we intend to continue our
>dialogue. We must continue to adapt to changes, and we will review 
>our policies again within the year to determine whether further 
>change is necessary. We intend to publish regulations implementing 
>the Vice President's announcement this month.
>
>With respect to developing a common international approach to
>encryption policy, Ambassador David Aaron, our special envoy on
>cryptography, is working with other countries to ensure that our
>policies are compatible. He has found that most major producing
>countries have public safety and national security concerns similar 
>to ours and are interested in developing a harmonized international
>approach regarding compatible infrastructures for electronic commerce
>and for a key management infrastructure. At last week's Wassenaar
>Arrangement plenary session, the participating states approved a
>number of changes to modernize and improve multilateral encryption
>export controls. These changes removed controls on products below 
>56 bits and on certain consumer entertainment systems, such as DVD
>products, and on cordless phone systems designed for home or office
>use.
>
>Most important, participating states agreed to extend controls to
>mass-market encryption exports above 64 bits, thus closing a
>significant loophole. This will enable governments to review the
>dissemination of the strongest encryption products that otherwise
>might fall into the hands of rogue end users.
>
>For those of you deeply interested in the details of our encryption
>policy, we have a specific session devoted to it tomorrow.
>
>[End excerpt]
>