use of RSA outside US (was Re: Netscape and 40 bit encryption)

• To: owner-www-security@ns2.rutgers.edu
• Subject: use of RSA outside US (was Re: Netscape and 40 bit encryption)
• From: Jonathon Tidswell <t-jont@microsoft.com>
• Date: Wed, 29 Mar 95 18:01:29 TZ
• Cc: www-security@ns2.rutgers.edu

David Miller  <isdmill@gatekeeper.ddp.state.me.us> wrote:

| On Mon, 27 Mar 1995, John Hemming (Chief Executive MarketNet ) wrote:
|
| > Given that SSL also easily allows 128 bit master key
| > encryption as well as using 512 bit rsa private public
| > keys.
| >
| > Given further that the code for the rsa private public
| > key is available both outside the states legally and
| > also for internal use within USA and CA.
| >
| > I would have thought there is no issue anyway.
|
| There isn't --- for companies *outside* the US.  As I understand it, US
| people can *import* strong encryption (SSL w/128 bit strength) - we just
| can't *export* it.

I thought the algorithm was published.
In which case I write my own code, send it to someone in the US to test
against real code then use it for any commercial purpose I see fit.
[ Microsoft includes non-US subsidiaries - I am not in the USA. ]

| Yes, this gives a HUGE edge in the market to non-US based firms.

One that only the Israelities seem to have seized. :-(

- Jon T

Disclaimer:
I am a postgraduate student on a scholarship not an employee of Microsoft ...
I think my thoughts are my own and I believe my writings are too.

• Previous: Re: Netscape and 40 bit encryption
• Next: Re: 40 bit encryption: Missing the point
• Index(es):
  • Index
  • Thread