About Triple DES ......
Hello: Please let me know if TRIPLE DES is regulated by the same rules than the others criptography systems in USA. We want to use it here in National Autonomous University of Mexico, so we don't want to get jailed. In case we can use it somebody knows where can i get the source code ?? I have searched this already in WWW, archie and Veronica. Thanks in advance. ---------------------------------------------------------------- Academic Computing Services National Autonomus University of Mexico Victor Ramon Aguilar Ocampo Coordinacion de Servicios de Computo DGSCA - UNAM E-mail: aguilar@servidor.unam.mx " Solo tienes dos cosas en tu hacer, las Razones y los Resultados. Las Razones no cuentan ". ----------------------------------------------------------------
Victor Ramon Aguilar Ocampo escribe:
Please let me know if TRIPLE DES is regulated by the same rules than the others criptography systems in USA.
Yes. Apparently there's even a standard place on the export request forms to check off "please resubmit without triple-DES support." If this is something you want to be able to take across the border, you need to get it from a non-US source.
We want to use it here in National Autonomous University of Mexico, so we don't want to get jailed.
You wouldn't be jailed, since as far as I know, it's perfectly legal for you to use DES. It's just illegal for anyone in the US or Canada to give it to you. It's possible that some NAFTA working group has written regulations to make Mexico answerable for ITAR violations, but I seriously doubt it. -rich
Victor Ramon Aguilar Ocampo writes:
Please let me know if TRIPLE DES is regulated by the same rules than the others criptography systems in USA.
Yes.
We want to use it here in National Autonomous University of Mexico, so we don't want to get jailed.
You are in Mexico. You aren't required to follow U.S. law.
In case we can use it somebody knows where can i get the source code ??
Try the International Cryptography Home page to help you find a copy from outside the U.S. http://www.cs.hut.fi/crypto/ Perry
Perry E. Metzger writes:
Try the International Cryptography Home page to help you find a copy from outside the U.S.
Um, what if Victor and www.cs.hut.fi are only connected on a path that traverses the United States? Can a person be convicted of ITAR violations when they've never been in the U.S.? :) -russ <nelson@crynwr.com> http://www.crynwr.com/~nelson Crynwr Software | Crynwr Software sells packet driver support | PGP ok 11 Grant St. | +1 315 268 1925 voice | If you would seek peace, Potsdam, NY 13676 | +1 315 268 9201 FAX | first seek freedom
On 27 Mar 1996 nelson@crynwr.com wrote:
Um, what if Victor and www.cs.hut.fi are only connected on a path that traverses the United States? Can a person be convicted of ITAR violations when they've never been in the U.S.? :)
If neither endpoint includes US citizens or residents, or people working on the behalf of US citizens or residents, no. Very interesting hypothetical, though. I'm pretty sure that in this case, it's a fact, not a hypothetical. A more complicated hypothetical: if Victor told MCI/Sprint/whatever, the news media, and the US authorities of his intent to download triple-DES in this way, would MCI/Sprint/whatever be liable? Any cypherpunks in Latin America? How about from Asia to Finland -- what does that route look like? Something along the lines of that "Pastors for Peace" media hoax, which is a perennial show of an attempt to deliver US goods to embargoed Cuba, might be worth engineering. At some point in this exercise, though, we might be "raising awareness" among the wrong people, to cite Tim May. I wouldn't want NAFTA, the WTO, and so on enforcing ITAR. -rich
Rich Graves wrote: [..]
At some point in this exercise, though, we might be "raising awareness" among the wrong people, to cite Tim May. I wouldn't want NAFTA, the WTO, and so on enforcing ITAR.
It's conceivable that companies could appeal to those organizations to repeal ITAR crypto limits (unless an international crypto treaty is set up... uh ohh), since the limit unfairly disadvantages North American companies, and to some extent even foreign companies that might manufacture software in the US.
participants (5)
-
Mutant Rob -
nelson@crynwr.com -
Perry E. Metzger -
Rich Graves -
Victor Ramon Aguilar Ocampo