Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!ucbvax!bloom-beacon!bloom-picayune.mit.edu!athena.mit.edu!jik
From: jik@athena.mit.edu (Jonathan I. Kamens)
Newsgroups: comp.unix.questions
Subject: Re: DES (crypt) vs. the FTC
Message-ID: <1991Mar21.202338.3102@athena.mit.edu>
Date: 21 Mar 91 20:23:38 GMT
References: <mwarren.669570304@rws1>
Sender: news@athena.mit.edu (News system)
Distribution: usa
Organization: Massachusetts Institute of Technology
Lines: 22

In article <mwarren.669570304@rws1>, mwarren@rws1.ma30.bull.com (Mark Warren) writes:
|> My current belief is that there is no longer any restriction, from the US
|> government, concerning shipping the DES algorithm overseas.  Can anyone
|> provide an *AUTHORITIVE* confirmation on this?

  As far as I know, there are still restrictions.

  Some versions of Unix manage to ship overseas with crypt() (and more
recently with Kerberos, e.g. in Ultrix 4.0), because of the following:

1. The code is being used for *authentication*, rather than for *encryption*.
   I believe the export restrictions draw a distinction.

2. The vendors get specific permission from the government to export the code
   in the specific form it takes in their products.  They have enough money
   and enough lawyers to do this. :-)

-- 
Jonathan Kamens			              USnail:
MIT Project Athena				11 Ashford Terrace
jik@Athena.MIT.EDU				Allston, MA  02134
Office: 617-253-8085			      Home: 617-782-0710