At 12:26 PM -0700 3/30/99, Eric Rescorla wrote:
>I'm trying to sort out what the situation is for RSA exportability
>under the new regulations. Obviously, we can use DES, but
>are we still restricted to 512 bit RSA keys. What's the story?
The way I read it, if you are using RSA for authentication, there are no
export restrictions (except perhaps the awful 5 nations). You do not need
to get a license.
If the RSA is being used to encrypt a symetric key for privacy, then it is
limited to 512 bits, the symetric key is limited to 64 bits, and you need
to get a license. (Jim Gillogly says 1024 is now the limit in this
situation.)
YMMV, IANAL
-------------------------------------------------------------------------
Bill Frantz | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506 | thing right, but did know | 16345 Englewood Ave.
[EMAIL PROTECTED] | the century would end. | Los Gatos, CA 95032, USA
