Re: [VANILLA-LIST:2126] PGP RSA

[Dave Ahn <ahn@vec.wfubmc.edu>]

On Tue, Mar 16, 1999 at 02:21:00PM +1100, James Cameron wrote:
> I agree with Dave ... although libraries have use to save effort for
> coders and installers, we should probably just have two separate kits.
> 
> Is it legal to export binary only implementations?

If it isn't, then we could be breaking the law by making RSA-enabled
clients available to people outside the U.S.  Afterall, the clients
use the same RSA algorithm in obfuscated form.

I contacted RSA Labs for some clarification.  Seeing as ftp.netrek.org
has numerous RSA enabled client binaries with no export control, I'd
rather be on the safe side than be slapped by Uncle Sam.  My interpretation
of the export restrictions (particularly the changes made last September)
is that we can export RSA enabled client _and_ server binaries because
the key size we use is 32 bits and the algorithm is used only for
authentication purposes.

BTW, Kurt, you realize that by bundling mkkey.c with the COW source, you're
making it un-re-exportable outside the U.S., right?

Aren't crypto laws a pain?  :(
-- 
Dave Ahn <ahn@vec.wfubmc.edu>        |  "When you were born, you cried and the
                                     |  world rejoiced.  Try to live your life
Virtual Endoscopy Center             |  so that when you die, you will rejoice
Wake Forest Univ. School of Medicine |  and the world will cry."  -1/2 jj^2