From owner-freebsd-current Tue Jun 20 10:53:57 1995 Return-Path: current-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id KAA00521 for current-outgoing; Tue, 20 Jun 1995 10:53:57 -0700 Received: from lambda (lambda.demon.co.uk [158.152.17.124]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id KAA00511 for ; Tue, 20 Jun 1995 10:53:53 -0700 Received: (from paul@localhost) by lambda (8.6.11/8.6.9) id RAA05174; Tue, 20 Jun 1995 17:37:33 +0100 From: Paul Richards Message-Id: <199506201637.RAA05174@lambda> Subject: Re: DES, crypt and eBones To: rgrimes@gndrsh.aac.dev.com (Rodney W. Grimes) Date: Tue, 20 Jun 1995 17:36:18 +0100 (BST) Cc: mark@grondar.za, FreeBSD-current@freebsd.org In-Reply-To: <199506170737.AAA06445@gndrsh.aac.dev.com> from "Rodney W. Grimes" at Jun 17, 95 00:37:06 am Reply-to: paul@freebsd.org X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=UK-ASCII Content-Transfer-Encoding: 8bit Content-Length: 1544 Sender: current-owner@freebsd.org Precedence: bulk In reply to Rodney W. Grimes who said > > > It is still dangerous, as the State Department could start with us, find > out how we brought it back in, go to you, and trace backwards to the > source. Though we may have not exported it, we sure as heck where acting > as a party to a known crime. > > I would rather just stay away from the Kerberos code... > This is just passing the buck though (and is relevant for the crypt code in general and not just kerberos). Either you (i.e. those in the US) import work that is based on a site outside the US or we (i.e outside the US) grab the work that you do and very clearly break the export laws. Basing the work at a site outside the US and importing it seems the better of the two. I agree with Poul, we should move the non-exportable code to a "safe" site and call it secure.freebsd.org. It can become an official distribution site that everyone can import from. The arguments I've heard against this are self-centered i.e. I'm not working on the code if it's not conveniently sited at freefall, well tough, we (outside the US) have to put up with this why should the US contributers suffer *very little* when making infrequent contributions to the secure code. Mark's doing most of the work and this would be perfectly legal in any interpretation, site the stuff on his machine. No more problems. -- Paul Richards, Bluebird Computer Systems. FreeBSD core team member. Internet: paul@FreeBSD.org, http://www.freebsd.org/~paul Phone: 0370 462071 (Mobile), +44 1222 457651 (home)