>Sent: MAY 20, 1996 13:40 >From: Theodore Y. Ts'o <tytso@MIT.EDU> >> Date: 20 May 96 10:03:36 -0700 >> From: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com> >> >You should see your favorite >> >high-priced export control lawyer for an >> >official legal opinion. >> >> No, just call the NSA ... lawyers opinions don't count. >> >Paul, > >I can't tell from your e-mail message whether you're joking or not.... ! Ted, No, I am not joking. I also spoke with the NSA on this topic ... SHA and MD5 when used as hash algorithms have the same export considerations. This is not a promise or direct ruling on SHA that our standards group can easily quote, but it is an indicator of the current review process. Standards are not subject to export control, so we are all subject to review of the final embodyment of these technologies into a product. Paul
-- BEGIN included message
- To: PALAMBER@us.oracle.com
- Subject: Re: Yes, you can export SHA and MD5
- From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
- Date: 20 May 96 13:40:14
- Cc: ipsec@tis.com
Date: 20 May 96 10:03:36 -0700 From: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com> >You should see your favorite >high-priced export control lawyer for an >official legal opinion. No, just call the NSA ... lawyers opinions don't count. Paul, I can't tell from your e-mail message whether you're joking or not.... ! - Ted
-- END included message