VerSecure - "strong encryption" exportable from the US

[Brown, R Ken]

Thomas Womack wrote:

> "Additionally, we provided for the periodic expiration of the
cryptographic
> functionality as a hedge against obsolescence." seems really
disconcerting,
> since I can't see any way of implementing this without ending up with the
> possibility of being unable to decode legacy data.

Which seems exactly right to me. 

And what happens if you mess up the annual renewal?

I may not know much about cryptography but I know a lot about the way IT
departments think - I would hate to have to persuade my bosses to implement
a device that was pre-programmed to fail one year from now unless certain
employees (& we don't know who they will be because we may all have moved
jobs by then)  contact the SDA (who may also  have changed by then)  and say
the right magic words to get them to reprogram our equipment according to
whatever rules the government may have dreamed up in the meantime (and I'm
sure you know what irrational prejudices many managers have about the
competance of government and the Civil Service ).  Maybe banks and
card-issuers will be used to this sort of hassle but industrial companies
and retailers  will avoid it like the plague.