From owner-freebsd-chat Wed Jan 20 12:58:41 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA17692 for freebsd-chat-outgoing; Wed, 20 Jan 1999 12:58:41 -0800 (PST) (envelope-from owner-freebsd-chat@FreeBSD.ORG) Received: from andrsn.stanford.edu (andrsn.Stanford.EDU [36.33.0.163]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA17675 for ; Wed, 20 Jan 1999 12:58:39 -0800 (PST) (envelope-from andrsn@andrsn.stanford.edu) Received: from localhost (andrsn@localhost.stanford.edu [127.0.0.1]) by andrsn.stanford.edu (8.9.1/8.9.1) with SMTP id MAA04915; Wed, 20 Jan 1999 12:56:13 -0800 (PST) Date: Wed, 20 Jan 1999 12:56:12 -0800 (PST) From: Annelise Anderson To: jonathan michaels cc: FreeBSD Chat Mailing List Subject: Re: Change in crypto policy in France In-Reply-To: <19990120225600.B6919@caamora.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 20 Jan 1999, jonathan michaels wrote: > i've been seeing lots of this agreement being mentioned in allsorts of places > on teh web .. i've just seen people say how bad it is .. could you explain > what the wassenaar arrangement is and how it would be bad, please > > not looking for laywering treastise on teh subject, grin, rather a simple web > users backend .. sort of explamnation. > The United States restricts exports of "strong" encryption, although it has been loosening up a bit. It does not restrict imports. Therefore some companies (including Sun Microsystems) have set up encryption subsidiaries abroad to develop encryption products. The Wassenaar agreement was signed in December '98 by 32 nations to agree to control exports, which presumably puts firms in different countries on a level playing field. Although the United States recognizes the importance of encryption to electronic commerce, the government (especially the FBI and the State Department) are also concerned about the ability of the government to read electronic communications; thus proposals for permitting exports of stronger encryption products only for specific approved purposes and/or only if key recovery systems are in place, so that the government can get the keys and read the communications if it has a reason to do so. The next step (already proposed by the FBI) is to limit the use of encryption within the United States. Although the claim is made that the horse is out of the barn, legislation forbidding the use of encryption without key recovery or requiring approval of purpose (e.g., to protect credit card numbers) would mean other users could be presumed to be undertaking illegal activity. The bills introduced in the U.S. Congress to allow export of strong encryption and guarantee the right of people in the United States to use encryption freely have not prevailed and generally didn't get out of committee. The Dutch have apparently objected to the Wassenaar Arrangement. Annelise To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message