Using GPG in the US

Caskey L. Dickson caskey at technocage.com
Mon Nov 23 01:07:08 CET 1998


On Sun, 22 Nov 1998, Jimmy Kaplowitz wrote:

> 1) Is it legal for me to use GPG in the US? I would think so, but all
> the download servers are outside of the US, and I am not sure if I am
> allowed to download from one of those. If it is legal to use GPG in the
> US, from where can I legally download it?

IANAL, but, there are no domestic laws regarding the use of encryption (of
any strength) in the US by US citizens--at least in the abstract sense.
Encrypting files and sending them to another person is perfectly 100%
legal (IANAL).  

The reason the servers that offer crypto for download are outside the US
is that the one thing that IS illegal is the EXPORT of software that
provides 'strong encryption' without a license from the BXA.  In the
opinion of the US government, making strong crypto available for download
to foreigners is in violation of that. Hence the foreign servers.

*Using* GnuPG, or PGP and sending encrypted data is not illegal in and of
itself.  Of course I'm sure that there will be similar legislation enacted
along the lines of felony-with-a-gun laws that will exacerbate any
criminal charge if you used crypto while performing the act.  But that's
an issue to write your congressman about.  (As is the ITAR/EAR.)

I STRONGLY recommed that you read the brief papers that come with PGP as
part of the documentation, and in fact I would encourage Werner to make
links to a copy of it off of the GnuPG sites as it touches upon this
issue.

> 2) Is there any way I can exchange encrypted messages with PGP users
> without installing PGP myself to retrieve keys and fingerprints, and to
> prepare them for import into gpg?

I believe there is a way to request keys from key servers using email
instead of hkp tools.  Unfortunatley, that's where my knowledge ends.  You
might try <http://www.pgp.net> for more information.  That's the top level
site for the nework of PGP key servers.

C=)

P.S. ITAR/EAR =~ International Trafficing in Arms Regulations
                 Export Arms Regulations

--------------------------------------------------------------------------
    Heuer's Law: Any feature is a bug unless it can be turned off.
--------------------------------------------------------------------------
Caskey <caskey*technocage.com>       ///                pager.818.698.2306
TechnoCage Inc.                     ///|               gpg: aiiieeeeeee!!!
--------------------------------------------------------------------------
    Early bird gets the worm, but the second mouse gets the cheese.





More information about the Gnupg-devel mailing list