More on fortifying Lotus Notes
Ben Laurie
ben at algroup.co.uk
Mon, 07 Jun 1999 13:25:36 +0100
David Parkinson wrote:
>
> At 11:27 07/06/99 +0100, Ben Laurie wrote:
> >David Parkinson wrote:
> >>
> >> At 16:50 06/06/99 +0100, Ben Laurie wrote:
> >> >That's a general requirement for export. Until recently, that is. 1024
> >> >bit keys are now permitted. As are 56 bit symmetric keys.
> >>
> >> According to my print out of the Dual-Use List, category 5, Part 2:
> >>
> >> [...controlled items include...]
> >> A "symmetric algorithm" employing a key length in excess of 56-bits;
> >> An "Asymmetric algorithm" where the security of the algorithm is based
> >> on.....Factorisation of Integers in excess of 512 bits (eg RSA).
> >>
> >> i.e. 56-bit symmetric ok, 1024 RSA still a no-no.
> >>
> >> However if we look at Note 3 (The Cryptography Note), we find there is
> >> no mention of "asymmetric algorithms", just symmetric.
> >> Could be read as "mass-market" products (such as Lotus Notes(?), Netscape,
> >> IE5, Exchange) can employ 64-bit symmetric keys with RSA >512 bits?
> >
> >I'm talking about US export, not EU export (since Lotus is a US
> >company).
> >
>
> I was quoting from the Wassenaar Arrangement <www.wassenaar.org> of
> which the US is a signatory along with other non-EU countries.
Nevertheless the US allow 1024 bit asymmetric key export.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi