Back in mid-1999, I sent this to the list:
> The Canadian Dep't of Foreign Affairs & International Trade (DFAIT) has an export law
> page at:
>
> http://www.dfait-maeci.gc.ca/~eicb/notices/ser113-e.htm
>
> It includes this text:
>
> | PROPOSED EXPORT CONTROL LIST CHANGES:
> |
> | 12. The Wassenaar ... States agreed to ... a Cryptography Note
> | applicable to both hardware and software goods that meet all
> | of the following:
> |
> | (a) generally available ... at retail ...
> | (b) the cryptographic functionality cannot easily be changed by the user;
> | (c) designed for installation by the user ...
> | (d) does not contain a symmetric algorithm employing a key length exceeding 64
>bits; and
> | (e) when necessary, details ... are accessible ... to the appropriate
>authority ...
> |
> | 13. In addition to the technical changes, the Wassenaar ... States agreed that
>the
> | controls on Mass Market goods as defined in sub-paragraph 12 (d) above will
>remain in
> | effect for two years and that the renewal of such controls for a successive
>period will
> | require the unanimous consent of the Wassenaar ... States.
>
> I cannot find anything like the last paragraph on the Wassenaar secretariat site.
>Can anyone
> here confirm that this was actually agreed to?
>
> If I read it right, the 64-bit limit should be dead in two years. I cannot see
>Germany, or
> other countries reportedley victimized by Echelon, consenting to a continuation.
>
> What can we do in the remaining year-and-a-half or so to ensure consent is nowhere
>near
> unanimous?
Checking the Wassenaar site today, I find they did indeed have a meeting in December
2000, and their online version of the agreement:
http://www.wassenaar.org/list/Cat%205P2%20-%2099.pdf
does indeed have:
(c) designed for installation by the user ...
(d) deleted;
(e) when necessary, details ... are accessible ... to the appropriate authority
...
Should we be celebrating? Publicising?
