The other source of potential confusion is over patents and RSA
authentication: this is a totally separate issue. I believe RSA (the
company) have voluntarily relaxed their US patent on RSA (the algwhatever) a
few months earlier than they had to.
This is what cause those weird non-commuting restrictions esp on non-US
developed OS software (eg mod_ssl).
-----Original Message-----
From: Sam Newman [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 12, 2001 10:28 AM
To: [EMAIL PROTECTED]; Drew Sudell
Subject: Re: SSL and US encryption law
My understanding is that the embargo on 128bit encryption has been lifted,
exception that they can't be sent to embargoed countries (see the standard
java license for a list). It all became moot when developers in europe
starting selling their own 128bit encryption products..
sam
----- Original Message -----
From: Andrew B. Sudell <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, March 12, 2001 4:14 AM
Subject: SSL and US encryption law
> Jim Canniff writes:
> > Does anyone know what the current law is regarding exporting products
with
> > SSL? We're building an application that will be deployed in Taiwan and
in
> > other non-US sites. I've read various things ranging from: can't export
SSL
> > at all to can only use 40 bit (56 if register certificate) encryption
in
> > those products.
> >
> > Any resources for current laws would be appreciated. Thanks.
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
