I've already posted this to cryto-canada@greatvideo.com, but it seems to me wider distribution might be appropriate.
From the Canadian gov't Dep't of Foreign Affairs and International Trade (DFAIT) site:
http://www.dfait-maeci.gc.ca/~eicb/notices/ser113-e.htm
... the Wassenaar Arrangement Participating States reached a consensus decision on export control revisions for cryptographic goods and technologies at a meeting in Vienna on 03 December 1998.
12. The Wassenaar Arrangement Participating States agreed to ... ... a Cryptography Note applicable to both hardware and software goods that meet all of the following:
(a) generally available to the public by being sold, ... (b) the cryptographic functionality cannot easily be changed by the user; (c) designed for installation by the user ... (d) does not contain a symmetric algorithm employing a key length exceeding 64 bits; and (e) when necessary, details of the items are accessible ... to the appropriate authority ... to ascertain compliance with ... a. to d. above.
13. In addition to the technical changes, the Wassenaar Arrangement Participating States agreed that the controls on Mass Market goods as defined in sub-paragraph 12 (d) above will remain in effect for two years and that the renewal of such controls for a successive period will require the unanimous consent of the Wassenaar Arrangement Participating States.
My reading of that is that the current 64-bit limit for freely exportable commercial software dies at the end of this year if any Wassenaar country acts sensibly and votes to kill it. Of course, there will be pressure from the US and perhaps some others to act stupidly and maintain the 64-bit limit or rplace it with some larger but still insecure limit. What can we do to ensure that unanimous consent to this does not occur? It should be rather difficult to get unanimous consent to anything from a group of 35, and maintaining the limit is clearly a remarkably dumb thing to do, so the odds may be with us here. Still, I'd feel better if I knew of a dozen or so countries publicly committed to withholding that consent.
On Wed, 27 Sep 2000, Sandy Harris wrote about Wassenaar:
My reading of that is that the current 64-bit limit for freely exportable commercial software dies at the end of this year if any Wassenaar country acts sensibly and votes to kill it.
Of course, there will be pressure from the US and perhaps some others to act stupidly and maintain the 64-bit limit or rplace it with some larger but still insecure limit.
What can we do to ensure that unanimous consent to this does not occur?
The danish minister of trade Pia Gjellerup has stated in a public letter to industrial leaders and organisations, that she will work for an annulment of the note. This was confirmed to me personally by the danish delegate to Wassenaar, Bjarne Bitsch a couple of weeks ago, although he couldn't guarantee 'what might happen at the last moment. There's allways a political risk in these things'. Things seems to be clearing up, though. The danish government has been under a lot of pressure both w. regards to Wassenaar and the recent Echelon-debate, and the leading danish industrial organisation Dansk Industri has declared that they intend to put a lot of force into the annulment of the note. They also want the remaining crypto-products released, but have low expectatios on this. Anyway: The danish government has publicly, in writing, committed to withhold it. Lets see if it keeps. Yours Bo Elkjaer, Denmark
Bevar naturen: Sylt et egern.<< URL: http://www.datashopper.dk/~boo/index.html<< ECHELON URL:<< http://www1.ekstrabladet.dk/netdetect/echelon.iasp<<
participants (2)
-
Bo Elkjaer -
Sandy Harris