undefined | Better HN

0 pointsirqed12y ago0 comments

Yep, not yet. But I'd like to see how they will be banning PGP.

0 comments

4 comments · 2 top-level

drdaeman12y ago· 1 in thread

Well, IMNAL, but laws seem to imply that developing, supporting and distributing cryptographic solutions without appropriate FSB-provided license is banned, although I never heard anyone had issues with hosting, say, Debian mirror with GnuPG and OpenSSL, or adding TLS support to some product. But it may be well possible that laws are there but it's just that no one cares to enforce them.

On the other hand, use is legal, except if user is state-owned and municipal corporations. Those must use only FSB-licensed solutions.

JoshTriplett12y ago

> although I never heard anyone had issues with hosting, say, Debian mirror with GnuPG and OpenSSL, or adding TLS support to some product

From the Debian package description for openssh-client, at http://packages.debian.org/sid/openssh-client :

"In some countries it may be illegal to use any encryption at all without a special permit."

That warning was added to the description for a reason.

As for hosting, there was a huge issue originally with the export of cryptographic software, which led to the creation of Debian's "non-us" archive of software that had to be hosted outside the US. That got solved once it was possible to distribute such software with a notification requirement. See https://lists.debian.org/debian-devel-announce/2002/03/msg00... for the long and storied history.

gtt12y ago· 1 in thread

I hope they won't but why would they want to ban PGP in first place?

twoodfin12y ago

Why would the Russian government want to ban encryption they can't break? Can't imagine.

More seriously, I assume there's a longstanding suspicion that any Western encryption technology has been engineered to be vulnerable, which isn't totally paranoid.

j / k navigate · click thread line to collapse