Re: Debian 6.0.2 - Encryption Algorithms and key bit lengths

[Russ Allbery <rra@debian.org>]

"Rishoff, Justin" <Justin.Rishoff@netapp.com> writes:

> I have seen some correspondence regarding the Export Control
> Classification of Debian, which is shown as 5D002.

> Debian is part of our product development and for import reporting
> requirements we will need the Encryption Algorithms and key bit lengths
> that are employed.

> e.g. 56 bit DES

> Can you provide this for me?

Hi Justin,

The short answer is "we don't know; we don't keep track."  Debian makes
very extensive use of the open source exemption in US export control law,
which means that we don't have to track and fill out separate paperwork
for encryption methods the way that commercial products may have to.

I know of at least six independent significant cryptography suite
implementations in Debian (OpenSSL, GCrypt, Nettle, NSS, hcrypto in
Heimdal, and the crypto code in MIT Kerberos), all of which have
independent sets of supported algorithms and key bit lengths, plus I'm
sure that we have other, more minor packages with other implementations
(we probably have some native Perl implementations, for example).

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>