Re: Double Encryption Illegal?

In article <8hrbrf$a5b$1_at_nnrp1.deja.com>,   Crypto-Boy <crypto_boy_at_my-deja.com> wrote:
> On page 10-10 and 10-14 of the Oracle Advanced Security
 Administrator's
> Guide (from release 8.1.6 December 1999), it says the following (in
 bold
> no less):
>
> "Warning: You can use SSL encryption in combination with another
 Oracle
> Advanced Security authentication method. When you do this, you must
> disable any non-SSL encryption to comply with government regulations
> prohibiting double encryption."
>
> Since when is it illegal to double encrypt in the US? I don't believe
> this is true.
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>

I heard that something like above 128 bit encryption is illegal. I read it from some reliable source, but don't remember where. So the statement sounds right to me.
I am not sure why this law exists, but to best of my knowlege there is a maximum level of encryption that is legal. Maybe it's so that if terorists transfer messages, government should be able to use the messages in court. It it takes a few years to break the code, then it's ok. But if it takes a million years, as in 256 bit encription, then there is no way to decode the message. Contact your lawyer if you plan to release software that is going to use this type of encryption. If you are doing this to send messages between yourself and your girlfriend, so that you wife can't break the code, I don't think that you will get arrested.

Sent via Deja.com http://www.deja.com/
Before you buy. Received on Tue Jun 20 2000 - 00:00:00 CEST