Details About New Crypto Export Regulations

Codex The Sloth writes "The Industry Standard has a story about industry feedback to the Clinton Administrations new Crypto Regulations which are being developed behind closed doors. Evidently it's requires high security like Hillary Clinton's health care reform plan..." Worth a read. It sounds like we're getting somewhere, although not everywhere.

My expected outcome to this

[renegade187]

Encryption is now limited to rot13 so theres no need for key escrow. Of course all governmental encryption will be increased to tripleDES!

If I have data needing protection, i RAR it with a password, then put it on cd and hide the cd.

Here's some conjecture....

[Dwarf_Sibling]

I have some third party knowledge from a DoD official regarding the new regs. The information was current as of Comdex last week. Take this with several grains of salt as it is most definitely hearsay. I'm only offering it up because the included article seemed to raise more questions than it posed answers to.

According to this individual, they are completely relaxing any bit-length restrictions on encryption technology. When sold through "retail", it is completely free of restriction. However, when sold to government at least, or perhaps major corporations, encryption vendors are required to track the end user. It wasn't specified whether or not this information needed to be expressly given to the government at point-of-purchase or only after a subpoena. If its the latter, I'll sleep better. If its the former, I think we just traded relaxation of one regulation for a tightening of another. Btw, countries like Iran, Iraq, Lybia, etc. are still on the black list. But we can't even sell them a stick of gum, let alone an encryption device.

-DS