[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java Crypto API questions

To: [email protected]
Subject: Re: Java Crypto API questions
From: RHS Linux User <[email protected]>
Date: Mon, 3 Jun 1996 11:20:12 -0400 (EDT)
In-Reply-To: <[email protected]>
Sender: [email protected]

On Mon, 3 Jun 1996, Jeff Weinstein wrote:

> Andrew Loewenstern wrote:
> > 
> > Sun can export the signature though.  The vendor already has the package,
> > they just need the sig/cert...
> 
>   Not likely.  Sun will probably be required to agree not to do this
> as a condition of exporting software with "pluggable crypto".  Software
> with hooks for crypto functions is treated the same as the actual crypto
> as far as the ITAR is concerned.

When Microsoft announced their crypto API, they also announced that their 
signatures on crypto modules would be export-restricted.  According to 
e-mail I received from a Microsoft employee on the project, the act of 
signing was considered a "defense service" under ITAR, so exporting the 
signature would somehow be performing defense services for foreign 
persons.  It makes slightly less sense to me than the rest of the crypto 
export restrictions do, but I guess that's the deal that Microsoft worked 
out with the Feds in order to be allowed to do a crypto API at all.

Joe

References:
- Re: Java Crypto API questions
  - From: Jeff Weinstein <[email protected]>

Prev by Date: Re: Saw this on CNN: Anonymous Stock tips over IRC as bad???
Next by Date: Re: Java Crypto API questions
Prev by thread: Re: Java Crypto API questions
Next by thread: Re: Java Crypto API questions
Index(es):
- Date
- Thread