Hi all Some time ago I had various email exchanges regarding Australian crypto export regulations. More recently I've been put in the picture by David Cox and others that there are in fact ITAR-like laws in force in Australia. The last time I looked into this, Matt Crean(?) had very little luck finding any info from the various relevant departments, have of whom didn't seem to have a clue. In short, Crypto export from Australia is illegal without a licence - this is making it difficult for David's software firm to compete with their unhampered German competition. Using the following search URL you can find the relevant text (shortened version appended)) http://www.austlii.edu.au/cgi-bin/sinodisp.pl/au/legis/cth/consol_reg/cer439... However, if anything is done about ITAR in the US, I wouldn't be at all surprised if Australia follows suit. Sherry ps There is an awful lot of crap on c'punks these days - reading it is a bit of a needle in a haystack exercise ;-( ========================= CUSTOMS (PROHIBITED EXPORTS) REGULATIONS - SCHEDULE 13 MILITARY AND NON-MILITARY GOODS (EXPORTATION PROHIBITED EXCEPT ON PRODUCTION OF A LICENCE OR PERMISSION UNDER REGULATION 13B)
[snip]<<<
43. Other goods as follows: (a) complete or partially complete cryptographic equipment designed to ensure the secrecy of communications (including data communications and communications through the medium of telegraphy, video, telephony and facsimile) or stored information; (b) software controlling, or computers performing the function of, cryptographic equipment referred to in paragraph (a); (c) parts designed for goods referred to in paragraphs (a) or (b); (d) applications software for cryptographic or cryptanalytic purposes including software used for the design and analysis of cryptologics; (e) radio transmitters and receivers for spread spectrum or frequency agile communications systems having a total transmitted bandwidth that is: (i) 100 or more times greater than the bandwidth of any one information channel in the system; (ii) in excess of 50 kilohertz; or (iii) designed or modified to use cryptographic techniques to generate the spreading code for spread spectrum or the hopping code for frequency agile systems; (f) parts designed or adapted for goods referred to in paragraph (e); (g) software and equipment designed or adapted for controlling the functions of goods referred to in paragraph (e) ; (h) information security systems, equipment, software, application specific assemblies, modules or integrated circuits, designed or modified to provide certified or certifiable multi-level security of user-isolation at a level exceeding Class E4 of the Information Technology Security Evaluation Criteria (ITSEC) or equivalent in force at the commencement of these Regulations; (i) software designed or adapted for the purpose of demonstrating that the information security features referred to in paragraph (h) provide a multi-level security or user-isolation function.