Export permits for cryptographic items

Cryptography and Information Security Product Questionnaire

1. Provide general marketing/promotional information describing the product, including the product name and version number as applicable, or other documentation or specifications related to the technology or software.

2. What cryptographic algorithms and strengths are employed and for what purposes (eg: digital signature, authentication, confidentiality of data, etc)?

3. Provide details on the product architecture. Is the cryptographic engine user-accessible or modifiable? Describe how the architecture and/or distribution method inhibit user accessibility.

4. Describe how the product architecture prohibits modification of the product-use for which it was designed. State how the product is written to preclude user modification of the encryption algorithms, key management and key space.

5. For products which incorporate an Open Cryptographic Interface, describe the Open Cryptographic Interface.

6.For products which incorporate encryption-related Application Programming Interfaces (APIs), describe the APIs that are implemented and/or supported. Explain which interfaces are for internal (private) and/or external (public) use.

7. Describe whether the cryptographic routines are statically or dynamically linked, and the routines (if any) that are provided by third-party modules or libraries. Identify the third-party manufacturers of the modules or toolkits.

8. In what form will the software be distributed/exported (e.g.: source code, object code, etc)?

9. How will the product be installed?

Is the product currently being used by any Department(s) at any level of government in Canada (either Federal, Provincial and/or Municipal)? If so, please state which one(s).

10. Is the product being considered for purchase by any Department(s) at any level of government in Canada (either Federal, Provincial and/or Municipal)? If so, please state which one(s).