Well, that's going to be fun. ---------- Treść przekazywanej wiadomości ---------- Temat: Re: [bestbits] Indian Encryption Policy Data: poniedziałek, 21 września 2015, 15:42:05 Od: Mishi Choudhary Hi Carol, Thanks for highlighting this. Its a draft National Encryption Policy and public comments are invited by October 16, 2015. Comments are to be emailed to Mr A,S.A. Krishnan, akrishnan@deity.gov.in The key highlights of the policy are : 1. A stipulation that businesses and citizens are to maintain plain text (unencrypted) copies of encrypted content for a period of 90 days, to be made available to Law Enforcement Agencies (LEAs) when so directed under law. 2. Vendors of encryption products are required to register their products with the Government as a pre-condition to conducting business in India. They are also expected to re-register their products with every update. This requirement is not limited to vendors of dedicated encryption products, and seemingly includes even products that use encryption in the course of providing a larger service such as messaging or e-commerce. (Service Providers located within and outside India, using Encryption technology for providing any type of services in India must enter into an agreement with the Government for providing such services in India). 3. Encryption algorithms and key sizes shall be prescribed by the Government through Notifications from time to time. ----------------------------------------- -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147