pem-dev

Re: International PEM participation

1992-06-16 06:22:00
Chris,

I've been looking into the export issues.  Not all of the answers are
in place, but the outline of a possible arrangement has begun to
emerge.  To emphasize the obvious, everything I say below is tentative
and unofficial.


Sender:      pem-dev-relay(_at_)TIS(_dot_)COM
From:    IS01(_at_)PRIMEA(_dot_)DUNDEE(_dot_)AC(_dot_)UK
To:      pem-dev <pem-dev(_at_)TIS(_dot_)COM>
Date:    Tue, 16 Jun 92 09:34:49
Subject: International PEM participation

A year or so ago (before I moved from Australia to the UK), I asked this
list what was the status of international opportunities to participate
in PEM. I got some cautiously optimistic replies without anyone actually
having any way round the export restrictions. I'd now like to ask the
question again, to see if there has been any progress in the mean time.

So, will it be possible for sites in the UK and/or Australia to participate
in PEM pilots?

There are two ways for the UK and/or Australia (and/or other
countries) to participate in PEM pilots.

1. Build or acquire a PEM system.  The specs are clear enough, so this
   is just "a small matter of programming."  The cryptography rules
   vary from country to country, but it's probable that the rules in
   the UK and Australia permit you to write and use your own
   cryptography software using RSA, DES and MD5 and to send messages
   out of the country.  (In contrast, France is reputed to have rules
   restricting transmission of encrypted messages across borders.)

2. Although there seems to be little chance of gaining permission in
   the US to export DES-based PEM systems which perform encryption,
   there is a strong possibility that weaker algorithms can be
   exported.  We are now investigating adding a weaker algorithm to
   the implementation precisely to ease the export problem.  If this
   succeeds, we will be able to ship you our code.


Will it be possible for the public domain MH-PEM version to be exorted to
these and other European countries?

"exorted"?  I assume you mean "exported."  "Exhorted" or "extorted"
raise other possibilities :-)

See above.


If not, would it be possible to export this version in "bare-bones" form,
as Kerberos was initially (i.e. without the encryption algorithms but with the
hooks for them)?

It may be possible to produce an exportable version which supports
authentication and integrity only and has no capability for
encryption.  However, simply removing the cryptography but leaving it
obvious where to reinsert it won't solve the problem; the rules are
tighter than that.


Is anyone doing any work on international cross-certification?

The term "cross-certification" suggests multiple hierarchies, each
with its own root, with some sort of scheme for lashing a particular
point in one tree to a particular point in another tree.  Rather than
using cross-certification, there is a strong preference to have
everyone join the unified international certificate hierarchy.  The
Internet Society will act as the root and various organizations will
be licensed by the Internet Society to issue certificates underneath
the Internet Society.  These organizations will be "PCAs" and both
RSADSI and TIS have applied to be PCAs.  Other organizations may apply
to become PCAs, but there is nothing magic about geography.  TIS is
prepared to work with anyone, and I suspect RSADSI is as well.

All of the above notwithstanding, there may well be times when
cross-certification is required.  See my prior notes on forests, trees
and thickets.


Is anyone doing any work on gateways between PEM and secure X.400/X.500
mail?

Not to my knowledge.  Chris Moore gave a talk at Interop a few weeks
ago, and he pointed out that there is very little real work on
security in X.400 mail systems yet.



Thanks for any help you can give in answering these questions.

Chris Rusbridge
Director of Information Services
University of Dundee, Dundee DD1 4HN, Scotland
Internet:    C(_dot_)A(_dot_)Rusbridge(_at_)dundee(_dot_)ac(_dot_)uk
Telephone:   +44 382 307444          Fax: +44 382 23117
