[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Crypto Legality Question
Will Rodger <[email protected]> writes:
> At 01:25 PM 9/29/97 +0000, Jim Burnes wrote:
> >
> >ACME corporation, a mostly Canadian outfit with a major
> >subsidiary in the US, wants to roll out corporate wide crypto.
> >
> >Most of their network operations are in the US except one
> >of their offices in Ireland.
> >
> >Question (1): Can they buy a strong crypto package in the
> >US and physically roll it out to both Canada and Ireland.
>
> Nope. Though Canada allows export of strong crypto generally,
> Canadians may not re-export US products once they enter the country.
This is not the way I understand it.
You can re-export strong crypto from Canada, you just have to inform
the appropriate Canadian government department that you have done so.
So procedure is: 1) import software from US, 2) write appropriate
Canadian export department telling "I'm going to export blah to xyz
corp offices in Ireland", 3) export it.
That is, there is a loop-hole, you don't have to ask permission for
export, you just have to inform them you're going to do it. (You
might want to check this out with a Canadian lawyer familiar with the
rules, and loop-holes).
So you informed them. They can't do anything about it. They won't
like it, but they don't have to.
I'm told Kerebos was exported by this route. US -> Canada -> UK.
100% legally.
Adam
--
Now officially an EAR violation...
Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`