Darren Reed wrote:
>In some mail from Kevin Kealy, sie said:
>> - Each endpoint for your VPN must have a separate export license from the
>> US government
>> - The keys are subject to US law, not the laws of the country where they're
>> being used - unless you also choose to store them elsewhere.
>ie, nothing of any note has changed here.
Not quite. As long as you comply with the terms above, the default US
govt. behaviour is to allow the product to ship; it's a rubber stamping
exercise rather than the hoop jumping that was needed before.
>You still need to get the permission of the US State Department, so you
>probably need to be a bank or large multinational with a presence in the
>USA before they'll permit it out. However, what about VPN's where neither
Again, that's what makes TIS's achievement so amazing; as long as you
comply with the rules of CKE (Commercial Key Escrow) the secret squirrels
don't have a problem.
>endpoint is in the USA but you've exported Gauntlet from the USA ? Or
>would that be something inconceivable to Americans ? :-)
No, that's where my point about escrowing keys in the US comes in.
Say I (in the UK) want a VPN betwixt myself and my head office in
Johannesburg, *both* sets of keys will be stored in the US. Now,
that may, or may not, be a problem to you.
I know where I stand on this one... :-)
-- __ _____ __
_________________________________ (__\/ \/__) ________________
Kevin Kealy ( \_|_/ )
Finger kevink @
uk for PGP key =| |/| |= Honda CBR1000FM
\ |\| /
_______________________________________ \_/ ______________________
PGP Key fingerprint: 30 F5 E6 3F B5 67 2D CB AD 36 B5 06 E9 BC 4E 5E