Interesting People mailing list archives
IP: PECSENC Recommendations on Crypto Export
From: David Farber <farber () cis upenn edu>
Date: Thu, 26 Aug 1999 17:57:09 -0400
Date: Thu, 26 Aug 1999 12:00:42 -0400 From: denning () cs georgetown edu (Dorothy Denning) Subject: PECSENC Recommendations on Crypto Export The recommendations of the President's Export Council Subcommittee on Encryption (PECSENC) are on my Web site at http://www.cs.georgetown.edu/~denning/crypto/lib2000.html. My understanding is that they have been sent to Commerce Secretary Daley and that they go to the full PEC tomorrow for approval and transmission to the President. There are 10 recommendations, which I have included below. The report gives the justification behind them. Dorothy -------- President's Export Council Subcommittee on Encryption Liberalization 2000: Recommendations for Revising the Encryption Export Regulations I. Reporting Requirements Recommendation: Eliminate reporting requirements for exports under License Exception ENC, License Exception KMI, and "Recoverable" Encryption ELAs. II. License Free Zones Recommendation: Create a "license-free zone" by eliminating export approval requirements for encryption products sent to countries that do not present a significant national security concern related to U.S. encryption items. III. ENC/Sector Expansion Recommendation: Expand the scope of the current License Exception ENC to add critical infrastructure industries, friendly governments, and multi-lateral organizations as additional sectors. (This should apply to trusted sectors located or based in those countries that are eligible for ENC treatment, but are not included in a "License Free Zone") IV. On-Line Merchants Recommendation: Allow export of general purpose encryption products to on-line merchants under License Exception ENC. V. Mass-market Hardware and Software Recommendation: Expand License Exceptions TSU and ENC to allow export of mass-market hardware and software encryption with key lengths of 128 bits or equivalent strength including triple DES. VI. Encryption Licensing Arrangements Recommendation: Expand the use of flexible licenses such as Encryption Licensing Arrangements to other areas of the EAR. VII. Applications that call Cryptographic Application Programming Interfaces (APIs) Recommendation: Exempt applications that access cryptographic APIs from EI controls. VIII. Chips, Linkable Modules, Toolkits Recommendation: Remove exclusion of encryption chips, integrated circuits, toolkits, executable or linkable modules from export provisions of License Exception ENC/56-bit. Include encryption chips, integrated circuits, toolkits, executable or linkable modules, source code and technology under License Exception ENC provisions to all sectors authorized to receive encryption commodities and software of unlimited key strength. IX. Infrastructure Management and Integrity Uses of Cryptography Recommendation: Exempt uses of cryptography for infrastructure management and integrity functions from EI controls. X. Recoverable products Recommendation: Provide "recoverable" encryption products with similar export privileges as those given to key recovery encryption products under License Exception KMI.
Current thread:
- IP: PECSENC Recommendations on Crypto Export David Farber (Aug 26)