BRIAN MCBEE says:
Since the only reason we are talking about RIPEM is because of legality concerns about PGP, I thought I'd mention that it is (at least theoretically) illegal to export RIPEM from the US, annd therefore could not be legally used to correspond with persons overseas.
RSAREF isn't legally exportable - that's correct. But RIPEM certainly is. And there's nothing to prevent those overseas from using RIPEM with whatever RSA and DES implementations they wish (they have at least three good ones to choose from :-).
I don't know if there is a legal way to do public key cryptography between persons inside the US and persons outside the US.
a) If "they" teach PGP to understand PEM - we could use RIPEM here to talk to them (they will use PGP, naturally). b) If they get legal RIPEM and marry it with RSA/DES - we could talk with them using RIPEM on both ends. -- Regards, Uri uri@watson.ibm.com scifi!angmar!uri N2RIU ----------- <Disclamer>