[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed Extensions to TLS for OpenPGP

To: Steve Schear <schear@xxxxxxxx>
Subject: Re: Proposed Extensions to TLS for OpenPGP
From: EKR <ekr@xxxxxxxxxx>
Date: Thu, 01 Jan 1998 19:34:59 -0800
Cc: ietf-tls@xxxxxxxxxxxxx, ietf-open-pgp@xxxxxxx
In-reply-to: Your message of "Thu, 01 Jan 1998 17:40:52 PST." <>
Sender: owner-ietf-open-pgp@xxxxxxx

You write:
> >Incidentally, I think this is probably a dangerous course of
> >action. The EAR <http://www.bxa.doc.gov/supp6.htm> 7 day review
> >criteria explicitly state:
> >
> >   (iv) The software must not allow the alteration of the data 
> >encryption mechanism and its associated key spaces by the user or 
> >any other program
> >
> >It seem that Fortify is a constructive proof that the program
> >in question violates this criterion. That doesn't mean it's
> >ineligible for CJ completely but I wouldn't want to try to get
> >approval for it either.
> 
> I'm sure the EAR enforcement folks are well aware of how well or poorly various software they approve for export adhere to regulation.  I'll leave it to the individual corporations and EAR to soft this out.
> 
> The point I was trying to make is that from a practical standpoint
> companies like Netscape need change nothing.  Just keep their code
> structured the same way and let unrelated 3rd parties "do the dirty
> work." 
I think we're in violent agreement here, then.

-Ekr

[Eric Rescorla                             Terisa Systems, Inc.]
		"Put it in the top slot."

Follow-Ups:
- Re: Proposed Extensions to TLS for OpenPGP
  - From: Steve Schear

References:
- Re: Proposed Extensions to TLS for OpenPGP
  - From: Steve Schear

Prev by Date: Re: Proposed Extensions to TLS for OpenPGP
Next by Date: Re: Proposed Extensions to TLS for OpenPGP
Previous by thread: Re: Proposed Extensions to TLS for OpenPGP
Next by thread: Re: Proposed Extensions to TLS for OpenPGP
Index(es):
- Date
- Thread