> > PS: off topic: My company is located in Brazil and our server is in the US.
> > I never know for sure if I should use the international or U.S. versions of
> > crypto software. Anyone knows?
>
> You may use the US version on the server, but if you are doing any
> encrypted
> operations from brazil you will have to ensure that you are not using
> any
> strong encryption while doing so. So it depends on what you are doing
> from your
Is this really true? That it is illegal to access a secure server inside
the US with strong encryption, even when the client accessing the
server uses a product that was not built in the U.S. to begin with???
I thought the rules stated that no software may be exported from the
U.S. with strong encryption, even if the software was originally
built outside the U.S. But the scenario above is strictly an issue
of accessing an existing service inside the U.S. - no export issues
involved, is it not?
> server. If it is web-stuff, a US server might help, since you
> US-custemers
> might be able to use strong encryption. If your customers are ouside
> US/Can
> then you might want to avoid the hassles as nobody can connect to it
> anyway.
>
>
> --
> *******************************************************************
> Lutz Behnke Tel.: 040 / 766 29 1423
> TC TrustCenter for Security Fax.: 040 / 766 29 577
> in Data Networks GmbH email: [EMAIL PROTECTED]
> Am Werder 1
> 21073 Hamburg, Germany
--
------------------------------------------------------------
Thomas Reinke Tel: (416) 460-7021
Director of Technology Fax: (416) 598-2319
E-Soft Inc. http://www.e-softinc.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
