Re: DES advocacy
- From: daw@xxxxxxxxxxxxxxxxxxxxxxxx (David Wagner)
- Date: Thu, 29 Jun 2006 01:41:11 +0000 (UTC)
Roger Schlafly wrote:
How do you know how he was going to use DES? He wrote
some DES code, and it is a simple matter to use triple-DES.
Because he asked about DES.
If he really wanted to know about the export status or security of
triple-DES code, but his post asked about DES, then he was asking the
wrong question. If that is the case, he can easily set us straight --
but until he does, I prefer to assume that he knew what he was doing
when he asked about DES, and answer the question that was asked.
Alternatively, another helpful answer would be to say "here is the
answer for DES; and in case you intended to ask about triple-DES, here
is how the answer changes for triple-DES". But, well, that's not what
I saw...
Anyway, I think tomstdenis pointed to the right URL for information
about crypto export law. Fortunately, for freely available open-source
crypto implementations, I think the answer is the same for both DES and
triple-DES: as long as you notify BXA in the approved manner, you are
free to make implementations of DES or triple-DES publicly available.
(If you want information about exporting a commerical product, you're
better off asking a lawyer.)
It is wrong to say that DES is "completely insecure".
Yup, that was an overstatement on the part of whoever said that.
But DES does have security problems that make it not such a great
choice for new designs.
.
- Follow-Ups:
- Re: DES advocacy
- From: Roger Schlafly
- Re: DES advocacy
- From: Ed Weir \(ComCast\)
- Re: DES advocacy
- References:
- DES advocacy
- From: sav
- Re: DES advocacy
- From: Roger Schlafly
- Re: DES advocacy
- From: David Wagner
- Re: DES advocacy
- From: Roger Schlafly
- DES advocacy
- Prev by Date: Re: DES advocacy
- Next by Date: Re: DES advocacy
- Previous by thread: Re: DES advocacy
- Next by thread: Re: DES advocacy
- Index(es):
Relevant Pages
|
