Export Restrictions on .NET ??

E

Emby

There used to be restrictions on the export of "enhanced encryption" (which
usually meant encryption with a strength greater than 40-bit) to certain
"restricted countries" (Cuba, Iran, Iraq, Libya, North Korea, Sudan, Syria
and Vietnam - the list varies over time)

But v2.0 of the ,NET framework includes strong encryption (128-bit). Does
that mean that ALL .NET applications are restricted from being exported?

Thanks,

Emby
 
M

Mike Partain

Since the encryption is in the run time library and not the applications,
generally it means no, you are not restricted.
Now if you include the .Net runtime as part of your instalation, then yes,
it might be restricted.

The exception would be if you were to use weak encryption in a way that
strengthens it - then it might be restricted.

In all cases, if you export (anything) to any of the currently restricted
countries, you would be wise to have legal council involved anyhow.
 
L

Lloyd Dupont

I guess it means that ONLY application using this encryption algorithm
directly are restricted.
For exemple I don't use them in my application, so it's all good!
 
E

Emby

Thanks Mike,

That's kind of what I was thinking ...from
http://msdn2.microsoft.com/en-us/library/ms925919.aspx

Getting a CSP (Cryptography Service Provider) Signed
"In accordance with the U.S. Department of Commerce's export restrictions
concerning cryptography, Microsoft must digitally sign every CSP so that it
will run on Microsoft operating systems. The primary purpose of the digital
signature is the protection of the system and its users. The operating
system validates this signature periodically to ensure that the CSP has not
been tampered with. A secondary effect of the digital signature is that it
separates applicable export controls on the CSP from the host operating
system and applications, thus allowing broader distribution of
encryption-enabled products than would be possible under other
circumstances"

Which seems to indicate that applications that use the Windows CrytopAPI
(and I think .NET apps call into the .NET Framework, which in turn calls the
CryptoAPI) are not themselves restricted.

Cheers
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

" Internet under surveillance " 2004 report 1
OT| The Decline and Fall of the American Empire: Four Scenarios for the End of the American Century 0
Gates Plans Leave Admid Great Change 2
Download the JAVA , .NET and SQL Server interview with answers 2
The Man Who Spilled the Secrets =haxored 5
Ziff-Davis Benchmarking Operation 1
FWT Newsletter - Weekly - October 25, 2004 8
AMD Tech Day at Develop 2007 1

Top