From owner-freebsd-chat Wed Jan 20 13:19:20 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA19797 for freebsd-chat-outgoing; Wed, 20 Jan 1999 13:19:20 -0800 (PST) (envelope-from owner-freebsd-chat@FreeBSD.ORG) Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA19774 for ; Wed, 20 Jan 1999 13:19:18 -0800 (PST) (envelope-from brett@lariat.org) Received: (from brett@localhost) by lariat.lariat.org (8.8.8/8.8.6) id OAA25721; Wed, 20 Jan 1999 14:18:35 -0700 (MST) Message-Id: <4.1.19990120141125.0671cac0@mail.lariat.org> X-Sender: brett@mail.lariat.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Wed, 20 Jan 1999 14:18:00 -0700 To: Annelise Anderson , jonathan michaels From: Brett Glass Subject: Re: Change in crypto policy in France Cc: FreeBSD Chat Mailing List In-Reply-To: References: <19990120225600.B6919@caamora.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 12:56 PM 1/20/99 -0800, Annelise Anderson wrote: >The United States restricts exports of "strong" encryption, although it >has been loosening up a bit. The encryption it restricts is anything with a key over 40 bits. This is not "strong." >It does not restrict imports. Therefore >some companies (including Sun Microsystems) have set up encryption >subsidiaries abroad to develop encryption products. And have run into hassles as a result. >The Wassenaar agreement That's "arrangement" >was signed in December '98 by 32 nations to >agree to control exports, which presumably puts firms in different >countries on a level playing field. It's not binding on those countries. They agreed in principle to SEEK export controls. Why they would ever want to have them in reality is unclear, to say the least. >Although the United States recognizes the importance of encryption to >electronic commerce, the government (especially the FBI and the State >Department) are also concerned about the ability of the government >to read You mean, "spy on"... >electronic communications; thus proposals for permitting >exports of stronger encryption products only for specific approved >purposes and/or only if key recovery systems are in place, so that >the government can get the keys and read the communications if it >has a reason to do so. Such as, say, idle curiosity. >The next step (already proposed by the FBI) is to limit the use of >encryption within the United States. And also to tap all of our phones. The EFF, in a monumental misstep for which they still should not be forgiven, allowed a bill that facilitates this to be passed. >Although the claim is made that the horse is out of the barn, >legislation forbidding the use of encryption without key recovery >or requiring approval of purpose (e.g., to protect credit card >numbers) would mean other users could be presumed to be undertaking >illegal activity. The bills introduced in the U.S. Congress to >allow export of strong encryption and guarantee the right of >people in the United States to use encryption freely have not >prevailed and generally didn't get out of committee. They've gotten out of SOME committees, but have been killed by legislators who are beholden to the FBI. (Perhaps the FBI knows about their exramarital affairs? ;-) >The Dutch have apparently objected to the Wassenaar Arrangement. So should Americans. It's unconstitutional, as are all export controls. --Brett Glass To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message