Nadav Har'El wrote:

> A system administrator told me today that he was required by Israeli
> law to use only the DES encryption option of ssh (the weakest ssh encryption,
> which is by default not compiled in because it's so weak), and that other
> encryptions supported by ssh (idea, 3des, etc.) are too powerful
> and are not allowed by this law.  He referred to a law called "Chok Hazofen".
> 
> Has anybody heard of this law? What does it really say? I bet it doesn't
> mention SSH, DES, RSA, etc. specifically. Is this a normal law, or some
> sort of "emergency"/"military" law?

It was established in 1974 under pressure from the military.  It's
actually ``Tsav Hapikuach al Mitsrachim Vesherutim (Isuk Be'emtsa'ey 
Hatspana)''.  (Which is sort of interesting, because next to this 
encryption order you can find Tsavey Pikuach that deal with milk or 
honey production.)

> I can't even begin to express my outrage at such a law if one does exist.
> It is (in my non-lawyer opinion) contradictory to "chok yesod cvod headam
> vecherotu". 

I don't know whether anyone looked into it from that perspective,
however (as noted on http://www.itpolicy.gov.il/zofen.htm):

        - Several laws require that ``reasonable measures'' be
          taken to protect all sorts of data; practically, that means
          encryption

        - In addition to barring use of encryption in Israel, the
          law bars export of encryption technologies.  That has a
          very bad impact on our industry.

        - It's very hard to impossible to enforce this law.

> I guess such a law might be designed so that the police (or the shabac)
> can eavesdrop on people without fearing people will use encryption - but
> remember that the criminals or spies who the police want to eavesdrop on
> can still use encryption - they don't care about breaking another law! 

Don't forget when this law was passed.  If you consider how fast
technology evolves, it's ancient.

The industry has always pressed the government to change this law,
and the defense organizations traditionally resisted this.  (What
else is new?)  Eventually, because of the damage this law was
causing the industry, as well as its complete uselessness, the defense
organizations folded.  In 1998, the Tsofen law was altered as
follows:

        - The authority over encryption in Israel was taken from
          the Communications Corps of the IDF and moved to the
          Ministry of Defense.

        - Together with the Ministry of Defense, a special council
          was formed to deal with relevant issues.  The council
          includes members from the security organizations, the
          military and the public.

        - The MoD published a list of encryption products that do
          not require a license to be used.  (Sorry, I don't have
          that list.)

(The page at www.itpolicy.gov.il is outdated and does not cover this
information.)

As for your specific SSH question, that's hard to answer without
reading the MoD's list of approved products.  Not having seen the
list, I'll hazard a guess that SSH is NOT on it.  Your recourse is
therefore to apply with the MoD for a license to use it.  (That
should cost you a few hundred NIS.)

Hmm.  I'll try to get my hands on that list.

> Compare such a law to the following absurd idea: several times in the past
> police (in Israel and abroad) had trouble getting into houses where someone
> was barricaded (and holding hostages, etc.). Wouldn't it have been much
> simpler for them if "soragim" on windows, guard dogs, etc., were illegal?
> After all, aren't these things just a way for a citizen to avoid being
> invaded by the police? NO!
> 
> If such a "zofen law" does exist, we should start a campaign to repeal it!

I think you're preaching to the choir here.
