| |
| Les
apports des décrets du 25 février et 23 mars 1998 en
matière de cryptographie |
| by Alexandre Menais, Juriscom.net (04/1998) |
| |
| Analysis of the French encryption decrees of
February 1998 which define the conditions in which declarations are
made and autorisations are granted, regarding the providing of encryption
services. Explanation of the French encryption decrees of March 1998,
which define the different categories of encryption services that
do not require any formal authorization to be granted by the French
State. |
| |
| Les
problèmes posés par la législation française
en matière de chiffrement |
| by Maitre Valerie Sedallian, Juriscom.net (10/1998) |
| |
| In-depth presentation of the French and international
encryption policies, with a quick introduction about the role and
functioning of encryption. This article focuses particularly on the
problems in the encryption decrees of February 1998 : the artificial
separation of the processes of authentication and confidentiality,
the technical difficulty to estimate the strength of encryption in
regard of the French law, the legal difficulty to develop encryption
products in France, or the unpracticality, lack of security and high
cost of the trusted third party system created by the French State.
The article also presents the different initiatives carried out by
the European Union in terms of imports and exports of encryption products.
In the European Union, the export of encryption products has been
regulated by European laws since December 1994 : encryption products
which are in the public domain or are used only for authentication
purposes can be imported and exported freely among the members of
the European Union, but there is a temporary need for an authorisation
in the case of other encryption hardware and software, or in the case
of exportation or re-exportation outside the European Union. These
rules have not been respected by all the members though, particularly
France where the law does not even make any distinction between exports
to a member of the EU and a non-member, which drives the European
Union to revise its policy in 1998. |
| |
| Cryptographie
: l'exception française |
| Interview of Maitre Valerie Sedallian by Lionel
Thoumyre, Juriscom.net (12/1998) |
| |
| Critical analysis of the French Law on encryption
of July 1996. In this interview, Valerie Sedallian particularly criticizes
the need for the use of a trusted third party in order for a company
to be legally allowed to use strong encryption means. According to
her, the new system is not only difficult to implement, but also tends
to isolate France at a technological level. Indeed, the need for proprietary
technology that it creates leads to waste of developpement efforts
on technologies that are only adapted to the French market, and often
not compatible with international standards. |
| |
| La
crypto encore au fond du trou |
| by Lionel Thoumyre, Juriscom.net (02/1999) |
| |
| Presentation of the French encryption policy
before the new laws of March 1999, and the economic problems it presents
in spite of a relative liberalization in February 1998. Comparison
with the policy of the US. |
| |
| French
cryptology : the takeover by force of Jospin |
| by Jean Guisnel, Le Point (21/05/1999) |
| |
| Translation of a French article published after
the new laws on encryption of March 1999, and which narrates the events
that led to the birth of the encryption laws of March 1999, in spite
of the opposition of the French secret services. |
| |
| Preuve
et signature électronique |
| by Maitre Valerie Sedallian, Juriscom.net (09/05/2000) |
| |
| Detailed analysis of French encryption decrees
which redefine the legal concept of Proof to adapt it to the requirements
of the Information Society, and introduce the concept of electronic
signature in the French law. The concept of electronic signature which
is recognized by the French law is the electronic signature based
on the use of asymetric key ecnryption as a means of authentication
and verification of the integrity of the message sent. Interestingly,
the concrete application of the concept of electronic signature defined
in this way requires the existence and usage of Certification Authorities,
more generally defined as encryption services providers by the French
law, and gives them new powers and responsibilities as well as a recognition
at the European level, whereas the French law on encryption still
limits the use of encryption products at the country level (the service
of a trusted third party which has received the agreement of the State
is needed in order to be able to propose 128 bits encryption and more). |
| |
