From owner-freebsd-security Thu Jan 13 19:47:50 2000 Delivered-To: freebsd-security@freebsd.org Received: from cairo.anu.edu.au (cairo.anu.edu.au [150.203.224.11]) by hub.freebsd.org (Postfix) with ESMTP id 1D24A155EA for ; Thu, 13 Jan 2000 19:47:45 -0800 (PST) (envelope-from avalon@cairo.anu.edu.au) Received: (from avalon@localhost) by cairo.anu.edu.au (8.9.3/8.9.3) id OAA24531; Fri, 14 Jan 2000 14:47:30 +1100 (EST) From: Darren Reed Message-Id: <200001140347.OAA24531@cairo.anu.edu.au> Subject: Re: Crypto regulations: Lucy pulls the football away? To: brett@lariat.org (Brett Glass) Date: Fri, 14 Jan 2000 14:47:30 +1100 (Australia/NSW) Cc: security@FreeBSD.ORG In-Reply-To: <4.2.2.20000113202656.01d66100@localhost> from "Brett Glass" at Jan 13, 2000 08:31:45 PM X-Mailer: ELM [version 2.5 PL1] MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some mail from Brett Glass, sie said: [...] > >In §740.13, Technology and Software UNRESTRICTED, changes are made to > >reflect amendments to the Wassenaar Arrangement. Specifically, encryption > >software is no longer eligible for mass market treatment under the General > >Software Note. Encryption commodities and software are now eligible for > >mass market treatment under the new Cryptography Note in Category 5 - Part > >2 of the CCL. This Note multilaterally decontrols mass market encryption > >commodities and software up to and including 64-bits. > > So, if I read the draft correctly, no open source crypto software that's > strong enough to protect anyone's privacy against a marginally competent > code cracker can be exported, even under the new rules. Am I off base here? > I hope I am, but I fear I'm not. What does "Category 5 - Part 2 of the CCL" say ? At first they say: "encryption software is no longer eligible for mass market treatment under the General Software Note." but then go on to say: "Encryption commodities and software are now eligible for mass market treatment under the new Cryptography Note in Category 5 - Part 2 of the CCL." And then goes on to say: "This Note multilaterally decontrols mass market encryption commodities and software up to and including 64-bits" I read that as saying encryption software must be classified according to "Category 5 - Part 2 of the CCL" to determine if it is mass market or not, as opposed to whatever the "General Software Note" is. Better yet, get a lawyer who does government stuff for a living to read and advise. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message