From owner-freebsd-security Mon Jul 24 12:57:58 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.11/8.6.6) id MAA08297 for security-outgoing; Mon, 24 Jul 1995 12:57:58 -0700 Received: from gndrsh.aac.dev.com (gndrsh.aac.dev.com [198.145.92.241]) by freefall.cdrom.com (8.6.11/8.6.6) with ESMTP id MAA08287 ; Mon, 24 Jul 1995 12:57:55 -0700 Received: (from rgrimes@localhost) by gndrsh.aac.dev.com (8.6.11/8.6.9) id MAA19765; Mon, 24 Jul 1995 12:56:37 -0700 From: "Rodney W. Grimes" Message-Id: <199507241956.MAA19765@gndrsh.aac.dev.com> Subject: Re: secure/ changes... To: mark@grondar.za (Mark Murray) Date: Mon, 24 Jul 1995 12:56:37 -0700 (PDT) Cc: mark@grondar.za, pst@stupi.se, rgrimes@freebsd.org, security@freebsd.org, freebsd-foreign-secure@grondar.za In-Reply-To: <199507241748.TAA25615@grumble.grondar.za> from "Mark Murray" at Jul 24, 95 07:48:45 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 1684 Sender: security-owner@freebsd.org Precedence: bulk > > > > > Question: How will we keep the external-to-US and internal-to-US > > > > repositories in sync? All we need to do is regularly import and > > > > diff the repositories, or better yet, just make the US secure a > > > > slave to the ZA secure CVS repository. > > > > > > I like these ideas. Lets just do the regular diffs to start off, > > > and see how it goes later. I have a ton of work to do to get these > > > under way, and I need to clear a lot of email right now.. > > > > As already pointed out no less than 2 times, DES is a munition, importing > > munitions is just as regulated as exporting them. Makeing freefall's cvs/ > > secure bits a slave to the ZA site is just as much a problem as exporting > > the bits from freefall :-(. > > I buy that. How do we explain though, that our eBones (which is in the > same class) and our DES are clearly documented as having come from > Australia? Is the FreeBSD code already in the muck? (I need to know, 'cos > I'm going to upgrade or modify both of these soon) Sean says I am wrong, well, perhaps I am, but last time I checked encryption software was still on the munitions list, and anything on that list is subject to import as well as export regulations. If infact encryption software has been removed from the munitions lists we are probably fine to import it. Some one care to go deal with our lovely state department??? [I don't want to deal with another US government agency right now, the IRS is being a royal pain in the *ss for me right now :-(] -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation Company Reliable computers for FreeBSD