[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: European crypto export policy



Ulf Moeller wrote:

> I wonder if someone whose Swedish is better than mine could summarize
> the article? It is at http://www.et.se/datateknik/arkiv/97-02/5.html

After signing the Wassenaar Arrangement, Sweden has written it's own
ITAR and there is a subdepartment of the UD, it's Foreign Office/State
Department, the ISP (Inspection of Strategic Products), that handles
export requests, if need be with the help of the FRA, it's NSA.

A representative of the ISP says that only a handful of EU member states
are completely cleared by the Wassenaar statutes to be at the importing
end of strong crypto: England, France, Holland, Sweden and Germany.
Most other EU states could fail because it would be to upgrade them
concerning their cryptologic resources.

An example is given: the coming Swedish ID smartcard (using DES
and 512 bit RSA) would theoretically need a OK from the ISP before
being carried over the border to Denmark.

A crypto exporter (obviously hardware) complains about harassing
bureaucrazy even if Germany is the recipient.

So much about that short article. In addition to Goran Axelsson,
Sweden's representative in the EU's IT security body whom Ulf
is mentioning in his post, Swedish crypto-politics is handled
by this guy's boss (at least formally) at the UD, Magnus Faxen.
And then there is the FRA (Forsvarets Radioanstalt), a body as
secretive as the NSA. They don't officially take part in the
discussions at all.


Asgaard