US Export Law and the IETF

["PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>]

Alex, 
 
Here's a quick summary of the impact of US export laws on the IPsec mailing 
list: 
 
US Export Law and the IETF 
 
US citizens are restricted from discussing export controlled "technical 
information" except in a standards forum.  Controlled technical information 
includes the description of cryptographic algorithms and protocols that might 
be used to construct a product that would be subject to US export controls.  
The intent of this law is to prevent export regulations from being 
circumvented by exporting the design information. 
 
The IETF is an international standards organization and details of security 
standards including cryptographic algorithms and protocols can be freely 
discussed in this forum.  This includes e-mail discussions and IETF meeting 
held in international locations.  Encryption proposals, implementation 
discussions, security protocol designs may all be discussed in the IETF when 
they are part of the standards process. 
 
Working cryptographic software cannot be posted on any IETF mailing list by a 
US citizen or any employee of a US owned subsidiary.   
 
Paul 
 
 
PS: 
These are my opinions of the US export regulations and should not be 
considered as a position of my company.  I am not a lawyer and you use this 
advice at your own risk. 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
Paul Lambert                   Director of Security Products 
Oracle Corporation             Phone:         (650) 506-0370 
500 Oracle Parkway, M/S 5op10  Fax:            
Redwood Shores, CA  94065      E-Mail: palamber@us.oracle.com 
PGP:	   F4 B9 3B 17 BD 49 3B 0C    9E B9 95 E2 42 CA 02 E3 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

---

• Prev by Date: More Proxy ID questions
• Next by Date: quiet and last calls
• Prev by thread: More Proxy ID questions
• Next by thread: quiet and last calls
• Index(es):
  • Main
  • Thread