Fwd: Re: [bestbits] Indian Encryption Policy

rysiek rysiek at hackerspace.pl
Thu Sep 24 12:08:16 PDT 2015

Well, that's going to be fun.

----------  Treść przekazywanej wiadomości  ----------

Temat: Re: [bestbits] Indian Encryption Policy
Data: poniedziałek, 21 września 2015, 15:42:05
Od: Mishi Choudhary

Hi Carol,

Thanks for highlighting this. Its a  draft National Encryption Policy
and public comments are invited by October 16, 2015. Comments are to be
emailed to Mr A,S.A. Krishnan,  akrishnan at deity.gov.in

The key highlights of the policy are :

1. A stipulation that businesses and citizens are to maintain plain text
(unencrypted) copies of encrypted content for a period of 90 days, to be
made available to Law Enforcement Agencies (LEAs) when so directed under

2. Vendors of encryption products are required to register their
products with the Government as a pre-condition to conducting business
in India. They are also expected to re-register their products with
every update. This requirement is not limited to vendors of dedicated
encryption products, and seemingly includes even products that use
encryption in the course of providing a larger service such as messaging
or e-commerce. (Service  Providers located  within  and
outside  India, using  Encryption  technology  for providing any type of
 services in India must enter  into an agreement with the Government
for providing such  services in India).

3. Encryption   algorithms   and key   sizes shall be prescribed
by   the Government through Notifications from time to time.

Michał "rysiek" Woźniak

Zmieniam klucz GPG :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 931 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20150924/2225dc85/attachment-0002.sig>

More information about the cypherpunks mailing list