Reply From: Raj Mathur <raju@sgi.com>
PGP 5.0 was legally exported from the US. Apparently US laws forbid
the export of crypto /software/ but not the export of books which have
source code of crypto software. The authors of PGP 5.0 published a
book with complete source code, and (get this!) checksums of each line
of code. The book was (legally) exported from the US, the source code
was scanned and OCR'd and the checksums of each line matched with the
original checksums in the book. Once all errors were fixed, voila! PGP
had been exported from the US!
All this is pretty well documented in the PGP 5.0 documents, and it
wouldn't surprise me to learn that a similar method had been used for
6.0 (did they have enough time to publish the source in a book and
export it?) I need to download the International version of PGP 6.0
and check it out, I guess.
-- Raju
Chris> How fast does software that shouldn't be exported from US
Chris> shores get exported anyway? So fast, the company that
Chris> makes it hasn't even announced the software's existence.
Chris> That's what happened to the latest version of Pretty Good
Chris> Privacy(PGP)'s freeware Wednesday, when the author of a Web
Chris> site in England posted the software for download.
Chris> PGPfreeware 6.0 is a software utility that uses a form of
Chris> strong encryption to scramble data, such as email messages,
Chris> into unreadable code.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Mon Sep 7 09:57:29 1998