[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Exporting an IPSec implementation
In article <9606198378.AA837818052@snail.rsa.com> Bob Baldwin wrote:
>Disclaimer: To legally claim that a product implements "IPSec",
>the product MUST implement 56 bit DES-CBC which of course is
>not exportable for general applications.
Yes, though the specific mandatory-to-implement transform will
probably vary through time.
>So, if your product only
>performs a 40 bit RC5, which would allow you to post it on
>the web and give it away for free throughout the world, then
>your legal claims should indicate that it is a demonstration
>version not a true implementation of IPSec.
Please do not use the term "IPsec demonstration version" to
describe something that doesn't really implement IPsec per
the standards-track RFCs. That would be at least misleading
and perhaps would be illegal in some localities.
If it does not implement IPsec per the current-at-the-time Internet
standards-track RFCs, then it should not claim to implement IPsec.
Ran
rja@inet.org
only speaking for myself as an individual...
References: