More on fortifying Lotus Notes
Ben Laurie
ben at algroup.co.uk
Mon, 07 Jun 1999 11:27:49 +0100
David Parkinson wrote:
>
> At 16:50 06/06/99 +0100, Ben Laurie wrote:
> >That's a general requirement for export. Until recently, that is. 1024
> >bit keys are now permitted. As are 56 bit symmetric keys.
>
> According to my print out of the Dual-Use List, category 5, Part 2:
>
> [...controlled items include...]
> A "symmetric algorithm" employing a key length in excess of 56-bits;
> An "Asymmetric algorithm" where the security of the algorithm is based
> on.....Factorisation of Integers in excess of 512 bits (eg RSA).
>
> i.e. 56-bit symmetric ok, 1024 RSA still a no-no.
>
> However if we look at Note 3 (The Cryptography Note), we find there is
> no mention of "asymmetric algorithms", just symmetric.
> Could be read as "mass-market" products (such as Lotus Notes(?), Netscape,
> IE5, Exchange) can employ 64-bit symmetric keys with RSA >512 bits?
I'm talking about US export, not EU export (since Lotus is a US
company).
EU export rules only apply to certain destinations, unlike US export
ones. UK rules also have all that amusing stuff about licences (i.e. you
can only apply for one if export is prohibited, in which case you are
unlikely to get it, but the fact that they didn't let you apply doesn't
mean you didn't need one and its entirely your fault if you did. Catch
22, anyone?).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi