[Previous] [Next] [Index]
[Thread]
Re: PGP and WWW (was "Securing information transports")
Last time, Stephen Mattin uttered the following other thing:
>
> What about the story of NSA forcing the removal the PGP hooks
> from the NCSA server? See
>
> <http://www.apache.org/docs/nopgp.htm>
They didn't force the removal, they merely told us that our hooks
were probably in violation of the ITAR to which the US is signatory.
To become compliant with the ITAR, we (NCSA) chose to remove the
PGP/PEM hooks from our publicly available servers and browsers.
As the new, improved hooks in the server come out of alpha testing,
the server will be available from a export controlled ftp server
(similar to other such servers for cryptographic software). The
CCI app for the browsers will also be available from this server.
Because CCI is a generic hook, you can use the standard versions
of the browsers which support CCI. This means that the server
and CCI app will only be available to the US (and Canada?) until
such time as the US government figures things out.
The specification for the PGP code used in the servers and browsers
will be presented at the 4th WWW Conference, and is therefore open
to implementation by whomever, including people from countries not
signatory to the ITAR.
At least, that's how I understand it.
Brandon
--
Come to the 1995 Midwestern ACM Conference at UIUC November 3-5
with Keynote speaker Steve Wozniak
http://www.acm.uiuc.edu/conference/
Brandon Long "I think, therefore, I am confused." -- RAW
HTTPd/SDG/NCSA "Of all the things I've lost, I miss my mind the most."
ECE/UIUC blong@uiuc.edu http://www.uiuc.edu/ph/www/blong
N9WUC Don't worry, these aren't even my views.
References: