[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Public key crypto

Date: Sat, 11 Jan 1997 01:46:33 -0800 (PST)
From: Kent Crispin <kent@songbird.com>
Subject: Re: Public key crypto

Jeff Williams allegedly said:
> 
> Kent,
> Kent Crispin wrote:
[...]
> > > Still what will a registry in any country outside of the USA
> > > use for processing requests? The International version of PGP is
> > > illegal  to use for commercial purposes anywhere.
> 
>   It can be used in the US and Canada if the RC4 or RC2 or DES
> encryption or authentication routines are not used and that the 
> key size is no larger than 56bits.

Jeff, you have a fundamental misunderstanding here.  The reason the 
international version cannot be used in the US is because it doesn't 
have a license for the RSA algorithms.  It has nothing to do with key 
size.

>   Not for import.
[...]
>   It is nearly free.  But could not be used for any international 
> authentication perposes for export to or from the US and Canada.

Jeff, when the terms "import" and "export" are used in these 
discussions they do not refer to the encrypted data, they refer to 
the programs themselves.  Nobody has to import or export PGP because 
it is already available.  The PGP program itself doesn't have to 
cross any national boundaries because it is already everywhere.

There is no law in the US that says I can't encrypt data with any 
size key I want, and ship it anywhere.  The issue is the transport of 
the encryption/decryption *technology and programs*, not 
encrypted/authenticated *data*.

[...]

> > One of the basic design features of the registry code I wrote is that
> > it has signed certificates that can be saved in files and used to
> > enforce non-repudiation.  You get a lot of power from that, and there
> > aren't too many alternatives available.
> 
>   There are at least 5 alternitives that I can think of off hand.
> SSL v3, Besafe, Stronghold, PCT1 v2, and SSLeah.
> 
>   SSL v3 and Besafe are very popular in europe.

*sigh*  I guess you didn't read what I wrote about signed 
certificates. 

-- 
Kent Crispin				"No reason to get excited",
kent@songbird.com,kc@llnl.gov		the thief he kindly spoke...
PGP fingerprint:   5A 16 DA 04 31 33 40 1E  87 DA 29 02 97 A3 46 2F

Follow-Ups:
- Re: Public key crypto
  - From: Jeff Williams <jwkckid1@ix.netcom.com>

References:
- Re: Public key crypto
  - From: Jeff Williams <jwkckid1@ix.netcom.com>

Prev by Date: Re: Public key crypto
Next by Date: Re: Public key crypto
Prev by thread: Re: Public key crypto
Next by thread: Re: Public key crypto
Index(es):
- Date
- Thread