On December 2, 2021 4:20 AM, Boris Kolpackov > rsbec...@nexbridge.com <rsbec...@nexbridge.com> writes: > > > Sadly, the import restrictions do not distinguish between message > > digests and cryptography [...] > > You seem to be quite knowledgeable on the matter so can you provide one > concrete example of where one jurisdiction restricts export to another of, > say, an SHA-1 implementation?
FWIW: My experience comes from some areas: my company that sells software requiring an Export Control Classification Number because of the set of message digests we use; being a platform maintainer for OpenSSL and git on two heritage platforms. Google is a wonderful thing: https://en.wikipedia.org/wiki/Restrictions_on_the_import_of_cryptography The link is non-specific on which cyphers are prohibited, probably because that changes without notice and I'm not sure Wikipedia is accessible from all of those locations. Looking at the page history is actually informative and perhaps relevant to the question.
