Thus spake "Ralph Doncaster" <[EMAIL PROTECTED]> > That's basically all Netscape & Microsoft were doing when they had to > restrict 128-bit SSL. They threw in the requirement to enter your address > & phone number, but they had no way of telling if you were entering your > address, or the one you got from doing a four11.com lookup of John Smith > in Plano, Tx.
The new crypto regulations allow shrink-wrapped software to be exported if the receiver claims to be authorized; there is no legal requirement on the exporter to actually verify this status... I really wonder if there's any point in regulating at all, if they're going to be so blatantly stupid about it. S