Path: utzoo!utgpu!news-server.csri.toronto.edu!clyde.concordia.ca!uunet!cs.utexas.edu!usc!ucsd!network.ucsd.edu!hp-sdd!ncr-sd!ncrcae!hubcap!hstroma
From: hstroma@hubcap.clemson.edu (a concerned citizen ...)
Newsgroups: comp.sys.ibm.pc
Subject: Re: PKZIP version 1.10 and data encryption
Message-ID: <8536@hubcap.clemson.edu>
Date: 28 Mar 90 19:33:36 GMT
References: <X+G#*D$@rpi.edu>
Distribution: comp
Organization: Clemson University, Clemson, SC
Lines: 19

My .02 worth: It is my understanding that PKZip 1.10 uses the same
encryption method as 1.0x and 0.92. This algortihm is not the DoD DES 
algorithm and as such is not covered by the export restriction (a very
silly law in my opinion)

Disclaimers (aka flame retardant)
1) I have not yet got PKZ 1.1 (I'm off to grape next). If it uses DES,
all bets are off
2) The law, as I understand it, only prohibts foreign distribution of
products using the DES algorithm. This, I think, is confirmed by the
fact that PC Tools 5.x notes in the docs that the US/Canadian version
uses DES and may not be exported. The "foreign" version uses a
different, "less secure" and incompatable encryption algorithm. If
distribution of _any_ encryption technology was prohibitted, they
couldn't legally do this.

-Hepburn Stroman
-hstroma@hubcap.clemson.edu -or- hepburn@cs.clemson.edu
-Spell checkers? Who needs 'em? (Rhetorical, as above amply proves)