RSA Data Security Inc has opened its first development center outside the United States in Brisbane, Australia. The new organization, RSA Data Security Australia Pty Ltd, will develop and sell security products with strong encryption. Its maiden offering, BSAFE SSL-C, a protocol-level toolkit for developers, is available now. The company says BSAFE SSL-C is the first full- strength RSA security protocol product to be offered to worldwide markets. Except under special circumstances, it is illegal to export greater-than-40-bit encryption from the USA. This ban, a holdover from World War Two, has been a boon for offshore cryptography companies like Ireland’s Baltimore Technologies and a thorn in the side of their US-based competitors like RSA. In a conference call, RSA president Jeff Bidzos tried to downplay the export ban as a motivator of the Australian launch. He said he welcomed the liberalized export regime announced by Vice President Al Gore in September 1998 (CI No 3,497), under which US software firms may export 56-bit encryption to overseas financial institutions, health care and e-commerce organizations and subsidiaries of US companies. He also applauded the December decision by the 33 signatory nations to the Wassenaar treaty to work towards uniform encryption regimes. Bidzos said, however, that these reforms do not go far enough and that further liberalization is fully warranted. In the current environment, the only way for RSA to compete with rivals like Baltimore in global markets is to move production of its encryption software offshore. This is exactly what it has done. Australia was a natural fit, Bidzos observes, because of the cryptographic expertise available there in both the academic and the private sectors. RSA Data Security Australia has hired Australians Eric Young and Tim Hudson. They are the authors of SSLeay, the free implementation of Netscape’s Secure Sockets Layer on which B-SAFE SSL-C is based.