[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP over ESP was Re: ICMP Security Failures

To: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>
Subject: Re: ESP over ESP was Re: ICMP Security Failures
From: Theodore Ts'o <tytso@MIT.EDU>
Date: Thu, 21 Dec 1995 19:04:05 -0500
Address: 1 Amherst St., Cambridge, MA 02139
Cc: sommerfeld@apollo.hp.com, ipsec@ans.net
In-Reply-To: PALAMBER.US.ORACLE.COM's message of 21 Dec 95 13:55:02 -0800,<199512212258.AA24563@interlock.ans.net>
Phone: (617) 253-8091

   Date: 21 Dec 95 13:55:02 -0800
   From: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>

   It is a common misconception that DES is not exportable: 

Actually, I think a fairer statement (especially in regards to people
within the IETF who have been grappling with these issues for a long
time --- and I include Bill in this group) is that people use the term
"DES is not exportable" as a shorthand to mean:

	A product containing DES for the purposes of data hiding will
	generally not be eligible for an export license which permits
	the product to the general public outside of the United States.

At this point, I suspect most people in the ipsec working group are
aware of the exceptions --- US owned companies, financial institutions,
for authentication use only, etc.  

These exceptions, however, are generally not useful when a U.S. Company
is trying to compete with European software vendors in the European
market.

						- Ted

References:

ESP over ESP was Re: ICMP Security Failures

From: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>

Prev by Date: Re: ESP over ESP
Next by Date: Re: ESP over ESP was Re: ICMP Security Failures
Prev by thread: ESP over ESP was Re: ICMP Security Failures
Next by thread: Re: ESP over ESP was Re: ICMP Security Failures
Index(es):
- Main
- Thread