W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1996

Re: Digest Authentication

From: Ned Freed <NED@innosoft.com>
Date: Mon, 01 Jan 1996 22:31:01 -0800 (PST)
To: ams@terisa.com
Cc: Ned Freed <NED@innosoft.com>, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, www-security@ns2.rutgers.edu, "Robert W. Shirey" <rshirey@bbn.com>
> > The bottom line is that if you intend to export anything that uses
> > cryptographic methods, you'd best hire a lawyer familiar with export law and
> > get approval for it. You'll probably have no problem with authentication.

> The bottom line for Digest Authentication means, then, that domestic
> developers who include this mechanism would need to apply for some sort of
> export approval (presumably they would apply for CJ and get it).

I have no reason to think otherwise. And for those who don't want to pay for a
lawyer, you can always try for it on your own. There's a "Do it yourself CJ
approval kit" available at:


Note that I am not recommending this approach -- I have not tried this kit and
cannot speak to whether or not it's the right way to go about it.

Received on Monday, 1 January 1996 22:42:38 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:16 UTC