[Cryptography] FIPS, NIST and ITAR questions

Richard Salz rich.salz at gmail.com
Tue Sep 3 16:04:21 EDT 2013

I still think you are reading it too conservatively.  The NSA page
defers the actual rules to somewhere else:  "Certain commercial IA and
IA-enabled IT products that contain cryptography and the technical
data regarding them are subject to Federal Government export controls"

Suite B includes algorithms (encryption) that are definitely
export-controlled.  Most think it also contains algorithms that are
NOT export-controlled (digest).  A Suite B implementation, which would
include encryption, is controlled. A partial implementation, such as
only the digests.. not proven.

More information about the cryptography mailing list