[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Re[2]: quick survey
the reference is:
http://cs-www.ncsl.nist.gov/fips/fips180-1.txt
Although I should appreciate the 15 minutes of fame I have received for
supplying this URL, all I did was to bash on the search button in my web
browser. No rocket science involved.
I too am not a lawyer, and my interpretation of the document I refer to is
"gee this looks like a sufficiently real claim that I should go ask my
lawyer about it", no more.
At 03:57 PM 5/17/96, you wrote:
>
> Ran,
>
> The Department of State, Bureau of Politico-Military Affairs, in 22
> CFR Part 121.1 Category 13 which addresses cryptographic systems
> specifically excludes "data authentication which calculates a Message
> Authentication Code (MAC) or similar result to insure no alteration of
> text has taken place, or to authenticate users" (Section 1(vi))
>
> Only if the authentication is part of a system where encryption is
> also being carried out would the MAC come under regulation.
>
> This would seem to conflict with the information you have. Do you have
> a reference for that regulation?
>
> Gary L. McGreal
>
>
>
>______________________________ Reply Separator
_________________________________
>Subject: Re: quick survey
>Author: Ran Atkinson <rja@cisco.com> at INTERNET
>Date: 5/17/96 1:27 PM
>
>
>Received: by ccmail
>Received: from uupsi5 by ire.com (UUPC/extended 1.11) with UUCP;
> Fri, 17 May 1996 13:22:14 EDT
>Received: from neptune.tis.com by uu5.psi.com (5.65b/4.0.071791-PSI/PSINet)
via
>S MTP;
> id AA21143 for gmcgreal; Fri, 17 May 96 13:06:43 -0400
>Received: from neptune.tis.com by neptune.TIS.COM id aa03026;
> 17 May 96 12:29 EDT
>Received: from relay.tis.com by neptune.TIS.COM id aa03009; 17 May 96 12:17
EDT
>Received: by relay.tis.com; id MAA13855; Fri, 17 May 1996 12:18:44 -0400
>Received: from sol.tis.com(192.33.112.100) by relay.tis.com via smap (V3.1)
> id xma013843; Fri, 17 May 96 12:18:17 -0400
>Received: from relay.tis.com by tis.com (4.1/SUN-5.64)
> id AA07556; Fri, 17 May 96 12:18:26 EDT
>Received: by relay.tis.com; id MAA13837; Fri, 17 May 1996 12:18:11 -0400
>Received: from unknown(171.69.1.174) by relay.tis.com via smap (V3.1)
> id xma013826; Fri, 17 May 96 12:17:55 -0400
>Received: (rja@localhost) by puli.cisco.com (8.6.8+c/8.6.5) id JAA12763 for
>ipsec @tis.com; Fri, 17 May 1996 09:20:27 -0700
>Message-Id: <199605171620.JAA12763@puli.cisco.com>
>From: Ran Atkinson <rja@cisco.com>
>X-ccAdmin: bprice@uupsi5
>Date: Fri, 17 May 1996 09:20:26 PDT
>X-Mailer: Mail User's Shell (7.2.5 10/14/92)
>To: ipsec@TIS.COM
>Subject: Re: quick survey
>Sender: ipsec-approval@neptune.tis.com
>Precedence: bulk
>
>A bit of "good news, bad news", with the bad first...
>
>A couple of people have observed in email that SHA-1 is export-controlled from
>the US, which is surprising news to me (and in my personal opinion is
>_incredibly_ stupid since its just a one-way hash function). However,
>one of those folks provided me with a URL that makes this very clear.
>
>The good news is that SHA-1 is under Commerce Department rules, which means
>that US export licenses should be MUCH MUCH easier to obtain.
>
>I'll cut/paste the relevant text from FIPS 180-1 below. I obtained
>the quoted text from:
> http://129.6.52.11/fips/fip180-1.txt
>
>"Export Control: Implementations of this standard are subject to Federal
>Government export controls as specified in Title 15, Code of Federal
>Regulations, Parts 768 through 799. Exporters are advised to contact the
>Department of Commerce, Bureau of Export Administration for more information."
>
>
>If this changes the views of anyone who already responded via email,
>please feel free to send a revised email along.
>
>Ran
>rja@cisco.com
>
>--
>
>
Rodney Thayer :: rodney@sabletech.com
Sable Technology Corp :: +1 617 332 7292
246 Walnut St :: Fax: +1 617 332 7970
Newton MA 02160 USA :: http://www.shore.net/~sable
"Developers of communications software"