Well, as I understand it, the problem with the seven bad countries is that US law generally prohibits any trading with them at all. You can't sell them cryptographic software but you also can't sell them a peanut butter and jelly sandwitch or a rubber band or anything. The restrictions against them are based on international policy, not the nature of the articles you want to trade. Donald On Thu, 27 Feb 1997, Bill Stewart wrote:

Date: Thu, 27 Feb 1997 20:30:09 -0800 From: Bill Stewart <stewarts@ix.netcom.com> To: cypherpunks@toad.com

At 10:14 AM 2/12/97 -0500, "Donald E. Eastlake 3rd" <dee@cybercash.com> wrote:

...

People may want to note that yesterday (Feb 11th) the IESG approved the DNS dynamic update and DNS secure dynamic update (draft-ietf-dnssec-update-04.txt and draft-ietf-dnsind-dynDNS-11.txt) as Proposed Standards. The base DNS security protocol was approved some time ago and is now out as RFC 2065.

Details are on http://www.tis.com/docs/research/network/dns.html It's a very interesting page - pointers to the RFC http://ds.internic.net/rfc/rfc2065.txt , and downloadable beta code from TIS implementing it. Cool stuff.

But then there's the politial correctness part of the web page :-)

...

Trusted Information Systems, Inc. has received approval from the United States Government for export and reexport of TIS/DNSSEC software from the United States of America under the provisions of the Export Administration Regulations (EAR) General Software Note (GSN) license exception for mass market software. Under the provisions of this license, this software may be exported or reexported to all destinations except for the embargoed countries of Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria. Any export or reexport of TIS/DNSSEC software to the embargoed countries requires additional, specific licensing approval from the United States Government.

Yup. Can't let those Cubans secure their DNS..... At least the government did decide to permit export.

# Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.)

===================================================================== Donald E. Eastlake 3rd +1 508-287-4877(tel) dee@cybercash.com 318 Acton Street +1 508-371-7148(fax) dee@world.std.com Carlisle, MA 01741 USA +1 703-620-4200(main office, Reston, VA) http://www.cybercash.com http://www.eff.org/blueribbon.html