From the March/April 1996 issue.

Lotus accepts escrow In a compromise to obtain export permission, Lotus Development Copr. has agreed to escrow 24 bits of the 64-bit encryption keys used in the new release of Lotus Notes. The U.S. government allows export of unescrowed 40-bit key strings. Under the Lotus plan, U.S. agents will be able to access the escrowed portion of the key but would still have to decrypt the rest to obtain a clear-text message. Althought the NSA has not said it can decrypt 40-bit DES encryption, many postuylate that it can. [end excerpt] Postulate??? And I thought Notes used RC4? Pretty bad for a security journal. Weld Pond - weld@l0pht.com - http://www.l0pht.com/~weld L 0 p h t H e a v y I n d u s t r i e s Technical archives for the people - Bio/Electro/Crypto/Radio