[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NIST involvement in PKI

>In this case, politics means unless NIST accepts a totally offshore codebase
>its not going to be one package. If the alternate is for NIST to release
>code which is RC4/40 or DES-56 to get export approval would they do that?

Until the world changes, NIST will not be able to release *any* crypto
code of any utility.  Nobody inside the US will.

>Do they allow hooks purely for authentication appears to be a key issue.
>You seem to be saying No, if there is any way that can leverage generalized
>encryption capability. 

All export decisions are on a case-by-case basis.  I'm not pessimistic;
I haven't read enough of Carl's spedct to make an informed guess.