Will Rodger <rodger@worldnet.att.net> writes:
At 01:25 PM 9/29/97 +0000, Jim Burnes wrote:
ACME corporation, a mostly Canadian outfit with a major subsidiary in the US, wants to roll out corporate wide crypto.
Most of their network operations are in the US except one of their offices in Ireland.
Question (1): Can they buy a strong crypto package in the US and physically roll it out to both Canada and Ireland.
Nope. Though Canada allows export of strong crypto generally, Canadians may not re-export US products once they enter the country.
This is not the way I understand it. You can re-export strong crypto from Canada, you just have to inform the appropriate Canadian government department that you have done so. So procedure is: 1) import software from US, 2) write appropriate Canadian export department telling "I'm going to export blah to xyz corp offices in Ireland", 3) export it. That is, there is a loop-hole, you don't have to ask permission for export, you just have to inform them you're going to do it. (You might want to check this out with a Canadian lawyer familiar with the rules, and loop-holes). So you informed them. They can't do anything about it. They won't like it, but they don't have to. I'm told Kerebos was exported by this route. US -> Canada -> UK. 100% legally. Adam -- Now officially an EAR violation... Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`