Hi Olaf, On Monday 11 March 2002 08:30, Olaf Titz wrote: > http://java.sun.com/products/jce/jce121_faq.html#FewerRestrictions> One interesting paragraph mentioned in the URL you gave is: *** JCE 1.2.1 also includes an ability to enforce restrictions regarding the cryptographic algorithms and maximum cryptographic strengths available to applets/applications in different jurisdiction contexts (locations). The cryptographic restrictions are specified in "jurisdiction policy files" that are downloaded with JCE 1.2.1. Since the US government has relaxed export restrictions on cryptographic strengths, the JCE 1.2.1 software from Sun Microsystems now has a single distribution for both domestic and global users. The bundled jurisdiction policy files contain no restrictions on cryptographic strengths. This is appropriate for most countries. Other framework vendors could create download bundles that include jurisdiction policy files that specify cryptographic restrictions appropriate for countries whose governments mandate restrictions. Users in those countries could download an appropriate bundle, and the JCE framework will enforce the specified restrictions. *** I wonder if having a similar method be usable for the linux kernel? After all, we already have systems in place for stuff like timezones, etc, which is country dependant. Why not encryption strengths based upon "jurisdiction policy files"? It might help to read the quoted paragraph after replacing "JCE 1.2.1" with "linux kernel". :-) Regards and best wishes, Justin Clift - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
