RC4 in the UK

Kevin Hannen - SMCC IR Europe - Software Engineer (Kevin.Hannen@UK)
Wed, 30 Apr 1997 09:19:46 +0100 (BST)

Date: Wed, 30 Apr 1997 09:19:46 +0100 (BST)
From: Kevin Hannen - SMCC IR Europe - Software Engineer <Kevin.Hannen@UK>
Subject: RC4 in the UK
To: java-security@java0.javasoft.com
Message-Id: <libSDtMail.9704300919.15132.kevinha@cby-mail>

Sorry if you got this already but it got bounced at some stage so I'm sending it
again to make sure.

> Subject: RC4 in the UK
> To: java-security@java.sun.com
> Mime-Version: 1.0
> Content-MD5: yNA2B9XhqKJTNsokAVvlVw==
>
> Hi
>
> I'm looking at the possibility of using RC4 encryption technology and am based
> in the UK. Please could you provide me with the following info:
>
> 1) Is Sun licensed to use RC4 (as I expect) ?
>
> 2) If yes, is Sun licensed to export 56-bit (or otherwise limited) RC4 for use
> in the UK ?
>
> 3) If yes, can you point me to classes that I can use.
>
> 4) If the classes do not exist, can they be implemented here in the UK, in
> whatever limited form and without further licensing ?
>
> 5) If yes, how would I prove and who would it be proved to that the key length
> is limited ?
>
> 6) If the answer to 4) is no, would an alternative strategy be to implement a
> public domain algorithm, e.g. blowfish, in accordance with the java.security
> interfaces and then swap-in RC4 at a later date ?
>
> 7) If yes, can you recommend/proscribe/quote policy on what algorithm should
or
> might be used ?
>
> Thanks for any help
>
> Kev
>