There are still a few unclear (to me) points about this story: 1. CWD says that RSA's Japanese subsidiary developed the chips. Markoff says NTT did. It sounds to me like NTT is the more likely developer, since they have a great deal of silicon design experience. 2. Markoff's story says that NTT doesn't have licenses to use RSA technology (the quote from Junichi Kishigami), but the bit about safely swapping private-key info makes me wonder if instead they're using DH-- the patent for which expires next year. A telecom chipset could make productive use of DH for key exchange at call setup. 3. Once you import an ITAR item, its export becomes controlled. Importing the NTT chipset for use, say, in a Motorola cell switch (made in IL) would seem to be problematic. Buying chips in Japan for shipment to Moto's phone factories in Singapore and Malaysia, however, would appear to be OK. Under the present export regs, it's not clear to me how many US manufacturers would adopt this chipset since it doesn't give them any export relief. If the NRC's recommendations are adopted, that still won't help, since triple-DES is over their recommended limit. The _good_ news is that US manufacturers could put these chipsets into domestic-only products, and I sincerely hope they will. -Paul -- Paul Robichaux LJL Enterprises, Inc. paul@ljl.com Be a cryptography user. Ask me how.