Great Circle Associates Firewalls
(March 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: firewalls-digest V5 #155
From: Kevin Kealy <Kevin . Kealy @ rcs . co . uk>
Date: Thu, 14 Mar 1996 09:05:58 +0000 (GMT)
To: firewalls @ GreatCircle . COM
In-reply-to: <199603121821 . KAA12828 @ miles . greatcircle . com> from "owner-firewalls-digest @ uunet . uu . net" at Mar 12, 96 10:21:41 am 
owner-firewalls-digest @
 uunet .
 uu .
 net wrote:
>
>
>From: ishii @
 open .
 tjsys .
 co .
 jp (=?ISO-2022-JP?B?GyRAQFAwZiEhRD47SxsoQg==?=)
>Date: Tue, 12 Mar 96 17:56:12 JST
>Subject: easing American export regulation ?
>
>Please let me know someone.
>
>   It was soon heard that export of the 64bit version of RC2 ? of RSA 
>   was permitted by easing American export regulation a little.
>
I believe that what you have heard is that TIS (the makers of the Gauntlet
firewall) have succeeded in getting the first ever commercial DES product 
(unweakened) out of the USA.  For this they deserve *huge* applause and
thanks - let's just hope that this is a harbinger of things to come.

The primary use for this technology with the Gauntlet firewall is for point-
to-point Virtual Private Networks (VPNs) across the Internet.

The issue is very closely tied up with their new Commercial Key Escrow (CKE)
system too.

On the downside, there is this information:

-	The DES they've got permission to export is single-DES only - 56bit.
-	Single DES is not considered "strong" any more
-	The keys for your DES encryption must be generated and escrowed 
	(stored) in the USA
-	Each endpoint for your VPN must have a separate export license from the
	US government
-	The keys are subject to US law, not the laws of the country where they're
	being used - unless you also choose to store them elsewhere.

>   Is it true?    I am living in JAPAN .

I hope this helps.  Considering my penultimate bullet above, I don't know
how hard you'll find it getting the license into Japan; shouldn't be too
hard though.

Just as an aside, I use SSH between my laptop and my office when I'm 
travelling; just use a gopher or a WWW search to look for SSH.  And yes,
it was developed outside the US (I believe) :-)

Kevin

--                                   __  _____  __
_________________________________   (__\/     \/__)  ________________
                                       \\_____//
Kevin Kealy                            ( \_|_/ )
                                       |\_____/|
Finger kevink @
 rcs .
 co .
 uk for PGP key   =|  |/|  |=     Honda CBR1000FM
                                        \ |\| /
http://www.rcs.co.uk                     -|/|-
_______________________________________   \_/  ______________________
PGP Key fingerprint: 30 F5 E6 3F B5 67 2D CB  AD 36 B5 06 E9 BC 4E 5E
Follow-Ups:
Indexed By Date Previous: Re: Security of Networked Workstations with dial-up PPP Internet!!!
From: Michael Dillon <michael @ memra . com>
Next: Re: firewalls-digest V5 #158
From: "James W. Henry" <jwhenry @ usit . net>
Indexed By Thread Previous: Cisco PIX experiences?
From: jet @ abulafia . genmagic . com (J. Eric Townsend)
Next: Re: firewalls-digest V5 #155
From: "Jonathan M. Bresler" <m1jmb00 @ FRB . GOV>
Google
 
Search Internet Search www.greatcircle.com