[ISN] O'Reilly Comments on Crypto Laws

From: mea culpa (jerichot_private)
Date: Wed Oct 14 1998 - 22:56:15 PDT

    Forwarded From: phreak moi <hackerelitet_private>
    
    http://www.news.com/News/Item/0,4,27511,00.html?st.ne.1.head
    O'Reilly addresses crypto laws
    By Paul Festa
    Staff Writer, CNET News.com
    October 13, 1998, 5:40 p.m. PT
    
    O'Reilly today posted an update of its server software to fix a crypto bug
    that was making more than 60,000 secure Web sites potentially inaccessible
    to users of new versions of Netscape Communications' Navigator. 
    
    O'Reilly's WebSite Professional 2.3.9 is designed to fix a problem that
    didn't become apparent to O'Reilly or its users until Netscape corrected
    what both O'Reilly and Netscape described as a technical violation of the
    U.S. laws governing the export of cryptography technology. 
    
    Microsoft's Internet Explorer browser remains in violation of the
    regulations, according to both Netscape and O'Reilly. Microsoft denies
    that assertion. 
    
    The problem with WebSite Professional, and the purported export regulation
    violations, concern the security protocol known as Secure Sockets Layer
    (SSL). SSL, which lets Web sites and browsers exchange encrypted data such
    as credit card numbers, has two parts: a key exchange (or "handshake")
    phase, in which the browser and server negotiate how they will encrypt the
    actual data, and a data encryption phase. 
    
    Because of U.S. government export regulations, there are different limits
    on the strength of the cryptography for export and domestic products. For
    the data exchange phase, browsers and servers intended for export outside
    the U.S. and Canada can use up to 40-bit strength crypto. For the
    handshake phase, the limit is 512 bits. 
    
    The trouble with the domestic-strength (that is, the stronger version)
    WebSite Professional is that without today's update it offers
    export-strength (weaker) browsers a 1024-bit handshake, instead of a
    512-bit handshake. That, O'Reilly acknowledges, is a violation of the
    export regulations. 
    
    On the client side of the exchange, exportable versions of both Netscape's
    Navigator browser--except for versions 4.06 and above--and Microsoft
    Internet Explorer accept that 1024-bit handshake. 
    
    Now that Netscape is in compliance with the regulations, it is prodding
    Microsoft to follow suit. 
    
    "Microsoft knows they're not in compliance with export regulations," said
    Michael Mullany, product manager for Mission Control at Netscape. "They
    should go fix IE." 
    
    O'Reilly weighed in with a similar assessment of Microsoft's position
    vis-a-vis the export rules. 
    
    "Technically, it's a violation of the export-strength restrictions," said
    Robert Denny, O'Reilly's lead developer for WebSite Professional.
    "Microsoft is being more lenient than they probably should be." 
    
    Microsoft vehemently denied that IE falls afoul of crypto export rules. 
    
    "There is nothing here that is an actual export violation," said Jason
    Garms, product manager for Windows NT security. "We take compliance with
    government export laws very seriously." 
    
    Garms noted that Microsoft had applied for and was granted export approval
    by the Commerce Department for IE, even with the 1024-bit handshake. 
    
    Regarding the handshake phase of an SSL session, the crypto export
    regulations state: "The key exchange used in data encryption must be...a
    public key algorithm with a key space less than or equal to a 512-bit
    modulus...." 
    
    Garms noted that versions of SSL prior to SSL 3 did not support the
    so-called stepping down, in which a domestic-strength server would offer
    export-strength browsers a 512-bit handshake. So for SSL versions 1 and 2,
    a 1024-bit handshake was the only possible variety. When SSL 3 was
    introduced with the downward negotiation capability, offering 1024-bit
    handshakes remained common practice, according to Garms. 
    
    So when Netscape brought its browser up to code, users with
    export-strength Navigator versions 4.06 and above found themselves unable
    to handshake with sites running WebSite Professional. 
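
    The step-down mechanism Garms describes, and the failure that appeared once
    Navigator began enforcing the limit, can be modeled in a few lines. The
    following is an added example, not code from the article, O'Reilly or
    Netscape: the key sizes and cipher strengths are the article's figures, while
    the client and server objects, their names and the message transcript are
    constructed here to show how an export-strength browser ends up either
    accepting a 1024-bit key, aborting, or receiving a signed temporary 512-bit
    key from a server that can step down.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# Limits the article quotes from the export regulations
EXPORT_KEY_EXCHANGE_LIMIT = 512   # max RSA modulus bits in the handshake
EXPORT_CIPHER_LIMIT = 40          # max symmetric strength in the data phase


@dataclass
class Client:
    name: str
    cipher_bits: int            # strongest data cipher the browser ships with
    max_key_exchange_bits: int  # largest RSA modulus it will accept in the handshake


@dataclass
class Server:
    name: str
    certificate_bits: int       # modulus of the long-term certified RSA key
    step_down: bool             # can offer a temporary 512-bit key to export clients
    cipher_bits: int = 128      # strongest data cipher the server supports


@dataclass
class Handshake:
    ok: bool
    key_exchange_bits: Optional[int]
    cipher_bits: Optional[int]
    transcript: List[str] = field(default_factory=list)


def negotiate(client: Client, server: Server) -> Handshake:
    """Run the key-exchange part of an SSL 3 style handshake and return the result."""
    t = [f"ClientHello: strongest cipher {client.cipher_bits}-bit"]
    cipher = min(client.cipher_bits, server.cipher_bits)
    export_suite = cipher <= EXPORT_CIPHER_LIMIT
    t.append(f"ServerHello: {cipher}-bit {'export' if export_suite else 'domestic'} suite")
    t.append(f"Certificate: RSA {server.certificate_bits}-bit")
    key_bits = server.certificate_bits
    # Step-down: with an export suite and a certificate key over the limit, a
    # server that supports it sends a temporary 512-bit key signed by the
    # certificate key, so the actual key exchange stays within the limit.
    if export_suite and server.step_down and key_bits > EXPORT_KEY_EXCHANGE_LIMIT:
        key_bits = EXPORT_KEY_EXCHANGE_LIMIT
        t.append(f"ServerKeyExchange: temporary RSA {key_bits}-bit, "
                 f"signed by the {server.certificate_bits}-bit certificate key")
    # Client policy: a browser that enforces the limit aborts when the key it
    # is asked to encrypt the premaster secret under is larger than allowed.
    if key_bits > client.max_key_exchange_bits:
        t.append(f"Client aborts: {key_bits}-bit key exchange exceeds its "
                 f"{client.max_key_exchange_bits}-bit limit")
        return Handshake(False, None, None, t)
    t.append(f"ClientKeyExchange: premaster secret encrypted under RSA {key_bits}-bit")
    return Handshake(True, key_bits, cipher, t)


def violates_export_rules(hs: Handshake) -> bool:
    """True when an export (40-bit) session completed with a key exchange over 512 bits."""
    return (hs.ok and hs.cipher_bits <= EXPORT_CIPHER_LIMIT
            and hs.key_exchange_bits > EXPORT_KEY_EXCHANGE_LIMIT)


# Constructed parties (hypothetical models of the browsers and servers in the article)
NAVIGATOR_EXPORT = Client("export Navigator 4.06+ (enforces 512)", 40, 512)
LENIENT_EXPORT = Client("export browser accepting 1024 (as described for IE)", 40, 1024)
DOMESTIC = Client("domestic-strength browser", 128, 1024)
WEBSITE_PRO_BEFORE = Server("WebSite Pro without step-down (modeled)", 1024, step_down=False)
WEBSITE_PRO_AFTER = Server("WebSite Pro with step-down (modeled)", 1024, step_down=True)

if __name__ == "__main__":
    for c, s in [(NAVIGATOR_EXPORT, WEBSITE_PRO_BEFORE), (NAVIGATOR_EXPORT, WEBSITE_PRO_AFTER),
                 (LENIENT_EXPORT, WEBSITE_PRO_BEFORE), (DOMESTIC, WEBSITE_PRO_AFTER)]:
        hs = negotiate(c, s)
        print(f"\n{c.name} <-> {s.name}: ok={hs.ok} violates={violates_export_rules(hs)}")
        for line in hs.transcript:
            print("  " + line)
```

    Running it shows the four cases the article walks through: the enforcing
    export browser fails against the server without step-down, succeeds with a
    512-bit temporary key once step-down is available, the lenient export
    browser completes a 1024-bit handshake that the model flags as out of
    bounds, and a domestic browser never triggers step-down at all.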
    
    For sites that adopt O'Reilly's upgrade, the problem should disappear. For
    its part, Microsoft is sticking by its guns. 
    
    "We currently have no plans to make any changes to the protocols that
    we're shipping in this area," Garms said. 
    
    "It is the responsibility of the U.S. government, not our competitors, to
    determine if we're in compliance with U.S. export policies," he added. 
    
    Netscape's Mullany, while reiterating his view that Microsoft was
    noncompliant, noted that the handshake was the less important of the two
    SSL stages. 
    
    "We and Microsoft too, as far as I know, have always been in compliance
    for the important part of SSL, which is the data transfer," Mullany said.
    "The U.S. government really cares that we're compliant with that. The key
    exchange is not as important." 
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]