Caspar Bowden in the UK says by telephone that a Wassenaar spokesman told him today that the WA org will issue next week a detailed "template" which specifies terms of the recent agreement to control encryption. It will go well beyond what has been heretofore generally agreed to by the member states under which there was a good bit of latitude for each to determine its own policy. This is an unprecedented united front by the members, and the paper will be a first for detailed export controls issued by the Wassenaar org rather than by each nation. When ready it will be put on the Wassenaar Web site: http://www.wassenaar.org. We've made a request to DoC for elaboration of the press release yesterday which featured David Aarons' general claims, but no response yet. The USG may not comment until the WA paper is issued. Caspar posted a capsule of his infor on UK Crypto: From: "Caspar Bowden" <cb@fipr.org> To: <ukcrypto@maillist.ox.ac.uk> Subject: News from Wassenaar Secretariat Date: Fri, 4 Dec 1998 16:23:58 -0000 Message-ID: <000101be1fa2$9da127e0$dc77e4d4@cpsb> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal Just talked to Dirk Weicke, Senior Adviser to Wassenaar Organisation. (Tel:+43 1 516360) No written details will be issued until next week, but gist is: *) No alteration to question of whether Wassenaar covers intangible exports. Up to signatory states to interpret and legislate. *) mass-market software, symmetric key length limited to 56-bits *) software generally available, but with other restrictive tests on end-user re-configurability, symmetric key length limited to 64-bits *) Assymetric key lengths (not sure how relates to above) limited to: RSA & Digital logarithm: 512 bits Elliptic curve : 112 bits -- Caspar Bowden http://www.fipr.org Director, Foundation for Information Policy Research Tel: +44(0)171 354 2333 Fax: +44(0)171 827 6534 ----------