New export controls to include code signing applications
Adam Shostack
adam at homeport.org
Wed Dec 11 19:23:40 PST 1996
These are important, and damaging changes to the regulations. My
thanks to Lucky for pointing them out.
Previously, authentication technologies, signatures and integrity
checkers had specific exemptions.
I suggest those journalists who lurk here call companies like Digital
Pathways, McAffee, Symantec, and see if they are aware of these
proposed changes.
Adam
Lucky Green wrote:
| It has been speculated in the past that certain crypto schemes, such as
| proposed by Microsoft and Sun, using signed crypto plugins might be helpful
| to the cause for strong crypto if non-US branches of US software companies
| would certify foreign developed crypto software.
|
| According to the recent proposal by Commerce, this will not happen. It will
| be illegal to export the software required to sign the code. So much for
| the government's claim that they make no attempt to limit the export of
| signing-only software.
|
| >From http://www.steptoe.com/commerce.htm
|
| [Listing specific software prohibited from export]
| "c.2. "Software" to certify "software" controlled by 5D002.c.1; "
|
| And, btw, virus checkers are also prohibited from export. Makes you wonder.
|
| "c.3. "Software" designed or modified to protect against malicious computer
| damage, e.g., viruses;"
|
|
| -- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred
| Make your mark in the history of mathematics. Use the spare cycles of
| your PC/PPC/UNIX box to help find a new prime.
| http://ourworld.compuserve.com/homepages/justforfun/prime.htm
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
More information about the cypherpunks-legacy
mailing list