From owner-freebsd-hackers@FreeBSD.ORG Tue Oct 21 14:52:12 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 371FC8AA for ; Tue, 21 Oct 2014 14:52:12 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BBB7591A for ; Tue, 21 Oct 2014 14:52:10 +0000 (UTC) Received: from mart.js.berklix.net (p5DCBDB4C.dip0.t-ipconnect.de [93.203.219.76]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s9LEmbD1056672 for ; Tue, 21 Oct 2014 14:48:40 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s9LEpnSF046695 for ; Tue, 21 Oct 2014 16:51:50 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s9LEpbEc023384 for ; Tue, 21 Oct 2014 16:51:49 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410211451.s9LEpbEc023384@fire.js.berklix.net> To: freebsd-hackers@freebsd.org Subject: DOC obstructs encryption export again - Non USA crypto base again ? From: "Julian H. Stacey" Organization: http://berklix.com BSD Linux Unix Consultants, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com/~jhs/cv/ Date: Tue, 21 Oct 2014 16:51:37 +0200 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Oct 2014 14:52:12 -0000 How can FreeBSD best re-segregate crypto components of its repository again, ready to move crypto components outside the USA, as USA DOC imperils again ? FreeBSD is now SVN based, we were CVS last time, Any new issues to solve ? Can smooth transition be planned before, in case of risk of USA DOC action ? Last time FreeBSD used South Africa; if that's not viable, FreeBSD based servers elsewhere are available (including in .EU). http://www.theregister.co.uk/2014/10/17/intel_subsidiary_crypto_export_fine/ "US government fines Intel's Wind River over crypto exports" "Now, as Techdirt notes, the conflict between government regulation and the tech industry is moving onto the renal original turf of the first crypto wars of the late 90s - the export of strong encryption." https://www.techdirt.com/articles/20141015/13561128840/first-commerce-department-fines-intel-subsidiary-exporting-encryption.shtml "For those who lived through the late 90's cryptowars, it's beginning to feel like history is repeating itself." http://lists.gnupg.org/pipermail/gnupg-users/2014-October/051131.html "maybe the decision to keep GnuPG infrastructure out of the US - even after the lifting of the export restrictions - was not too bad." USA Dept. of Commerce were obstructive idiots even back in the early 1980s: (DOC obstructed delivery of Unix systems with crypt binary (not source), though British Unix source licencees, associates, & even the communist East were all in possesion of crypt.c source With raised world tensions on many fronts, DOC crypto export obstruction will presumably increase, with NSA encouraging DOC. A non USA base for crypto parts of the FreeBSD repository would again safeguard the world FreeBSD community from the whims of the USA DOC, & remove or reduce risk of USA prosecution of USA FreeBSD administrators & cryptographic developers. Cheers, Julian -- Julian Stacey, BSD Linux Unix'78 C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative.