The Canadian Dep't of Foreign Affairs & International Trade (DFAIT) has an export law
page at:
http://www.dfait-maeci.gc.ca/~eicb/notices/ser113-e.htm
It includes this text:
| PROPOSED EXPORT CONTROL LIST CHANGES:
|
| 12. The Wassenaar ... States agreed to ... a Cryptography Note
| applicable to both hardware and software goods that meet all
| of the following:
|
| (a) generally available ... at retail ...
| (b) the cryptographic functionality cannot easily be changed by the user;
| (c) designed for installation by the user ...
| (d) does not contain a symmetric algorithm employing a key length exceeding 64
|bits; and
| (e) when necessary, details ... are accessible ... to the appropriate authority
|...
|
| 13. In addition to the technical changes, the Wassenaar ... States agreed that the
| controls on Mass Market goods as defined in sub-paragraph 12 (d) above will
|remain in
| effect for two years and that the renewal of such controls for a successive
|period will
| require the unanimous consent of the Wassenaar ... States.
I cannot find anything like the last paragraph on the Wassenaar secretariat site. Can
anyone
here confirm that this was actually agreed to?
If I read it right, the 64-bit limit should be dead in two years. I cannot see
Germany, or
other countries reportedley victimized by Echelon, consenting to a continuation.
What can we do in the remaining year-and-a-half or so to ensure consent is nowhere near
unanimous?
