If I live in the US and put the perl RSA code in my sig, then post in an international newsgroup, have I illegally exported encryption?
Yes, so, I believe under the EAR, has the admin of the newshost which sends the post out of the US.
If I put that same code on my web site, then post requests to view my site in an international newsgroup, have I exported it?
Yes, I believe that is the case, the same applies to FTP, and any other similar protocol.
What is the penalty for exporting powerful encryption?
Can`t recall, I`m sure someone here knows the EAR tariffs, it`s pretty steep but a. you wont get caught, and b. if you do, the prosecution is highly unlikely to be succesful. Datacomms Technologies data security Paul Bradley, Paul@fatmans.demon.co.uk Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: FC76DA85 "Don`t forget to mount a scratch monkey"