Re: (IPng) Proposed message on perfect forward security

[Theodore Ts'o <tytso@MIT.EDU>]

   Date: Tue, 07 Mar 95 15:02:53 -0500
   From: bound@zk3.dec.com

   I will also add that ESP requires DES.  Could we select an encryption
   algorithm that has no export restrictions any where in the world.  

No --- there's no such thing.  Well, maybe ROT-13 counts, but
technically you still need an export license for it.  (Pathetically weak
systems like DES with 40 bit keys fall in the same category as ROT-13,
for all intents and purposes).

This issue has been talked to death many times before, in many different
forums.  In all such forums that I recall within the IETF, the consensus
that has always been reached is that we should design the best system we
can, regardless of export issues --- and if certain world governments
want to restrict the ability of their companies to compete in the global
marketplace, that's those government's business.

If we want to avoid export hassles altogether, the only way to do that
is to punt on encryption altogether --- and I think we've all agreed
that protecting data confidentialty is a good thing.

Do we really have to open this for discussion yet again?  I really hope
not....

						- Ted

---

References:

• Re: (IPng) Proposed message on perfect forward security
• From: bound@zk3.dec.com

---

• Prev by Date: Re: Clarification
• Next by Date: Re: (IPng) in-band key mgmt, IPV6, export issues, DES hardware
• Prev by thread: Re: (IPng) Proposed message on perfect forward security
• Next by thread: Re: (IPng) in-band key mgmt, IPV6, export issues, DES hardware
• Index(es):
  • Main
  • Thread