[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PGP in the US (Re: formal documents)

Kikutani Makoto writes:
> Yes, my PGP is an international version which was built in Japan, and I
> brought it in my laptop.

The international version infringes the RSA patent and so the owner of the
patent (PKP?) could theoretically sue you for using it in the US.  All they
could get is an injunction ordering you to stop, though.  There is no real
chance that they would bother.  If you are feeling paranoid, delete your
international version and install the US one.

> But of course I can't prove it.

There is no reason why you would need to do so.  The munitions export laws
(unrelated to the patent issue) forbid the export of strong pgp from the
US, regardless of its origin.  You are safe from those as long as you stay
in the US.  Theoretically, you should delete pgp from your laptop before
you take it home.

1) It is not a violation of US law for anyone to use any kind of pgp
   anywhere.  The US has no laws restricting the use of cryptography.

2) It is not a violation of US law to bring any kind of pgp into the US.
   Infringing a patent is not a crime.

3) It is a violation of US law to export any kind of pgp from the US.
   This is true even if you brought it here in the first place.

4) It is an infringement of the RSA patent to use pgp-i in the US.
   You are extremely unlikely to be sued, though.

5) It is not an infringement of the RSA patent to use any kind of pgp
   outside the US.

> I've considered to join Debian maintainer before.  But I gave up it
> because the PGP problem is not clear.

Don't export it and you are safe from the US Government.  Don't use pgp-i
in the US and you are safe from PKP.
John Hasler                This posting is in the public domain.
john@dhh.gt.org		   Do with it what you will.
Dancing Horse Hill         Make money from it if you can; I don't mind.
Elmwood, Wisconsin         Do not send email advertisements to this address.

Reply to: