> > I heard that one firm recently won the right to export DES without
> > restriction.
> Marcus' comments are on the mark with my experience as well. There is
> one other situation to which you may be referring. I understand that
> the US Gov't has been fairly generous in allowing export of mechanisms
> which solely provide authentication, but without confidentiality. I
> think they are only this way for tools which don't appear to be easily
> converted to confidentiality applications.
The Commerce Department (which is the issuing body) does seem to allow
mechanisms that only provide for authentication.
They are also not adverse to granting export of DES if it is to used in
foreign banking institutions. Another arena that export of encryption
technology is possible is for use within an US companies foreign office,
but the foreign government then may have their own constraints.