Re: Public key crypto

[Jeff Williams <jwkckid1@ix.netcom.com>]

Kent Crispin wrote:
> 
> Jeff Williams allegedly said:
> >
> > Kent,
> > Kent Crispin wrote:
> [...]
> > > > Still what will a registry in any country outside of the USA
> > > > use for processing requests? The International version of PGP is
> > > > illegal  to use for commercial purposes anywhere.
> >
> >   It can be used in the US and Canada if the RC4 or RC2 or DES
> > encryption or authentication routines are not used and that the
> > key size is no larger than 56bits.
> 
> Jeff, you have a fundamental misunderstanding here.  The reason the
> international version cannot be used in the US is because it doesn't
> have a license for the RSA algorithms.  It has nothing to do with key
> size.
> 
> >   Not for import.
> [...]
> >   It is nearly free.  But could not be used for any international
> > authentication perposes for export to or from the US and Canada.
> 
> Jeff, when the terms "import" and "export" are used in these
> discussions they do not refer to the encrypted data, they refer to
> the programs themselves.  Nobody has to import or export PGP because
> it is already available.  The PGP program itself doesn't have to
> cross any national boundaries because it is already everywhere.

  As I refer to Import and Export I am not refering to "Programs",
I am, indeed refering to "Data" secured with the use of these
"Programs".  Please read ITAR requirnmets closely.
> 
> There is no law in the US that says I can't encrypt data with any
> size key I want, and ship it anywhere.  The issue is the transport of
> the encryption/decryption *technology and programs*, not
> encrypted/authenticated *data*.

  I don't think you are correct.  ITAR and a presidential order cover
this very compleatly.  Please review them.
> 
Regards,

-- 
Jeffrey A. Williams
DIR. Internet Network Eng/SR. Java Development Eng.
Information Eng. Group. 
Phone :972-447-1878
E-Mail jwkckid1@ix.netcom.com