Date: Sat, 15 Feb 1997 10:53:51 -0800 From: Sean Eric Fagan <sef@Kithrup.COM> To: phk@critter.dk.tfs.com Cc: security@freebsd.org Subject: Re: blowfish passwords in FreeBSD Message-ID: <199702151853.KAA17343@kithrup.com> In-Reply-To: <11871.855990294.kithrup.freebsd.security@critter.dk.tfs.com> References: Your message of "Sat, 15 Feb 1997 13:12:45 %2B1100." <19970215021245.1798.qmail@suburbia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <11871.855990294.kithrup.freebsd.security@critter.dk.tfs.com> you write: >Theo belives he can export anything just because he is in Canada. It's probably worth mentioning that the new US regulations on what can be exported are frightening (although, admittedly, they were explained to me by John Gilmore, who is more than slightly biased against them ;)). In particular, John makes a point that *any code that protects against malicious attack* is prohibited by the new regulations, whether it uses cryptography or not. In other words, MD5 and buffer overflow patches are now as exportable as RSA -- namely, not without a license from the gov't. (I've also seen people claim that only code that does cryptography is covered. However, it's also quite possible that MD5 is no longer exportable, even when used as a one-way hash, if it is to be used for password "encryption.") Not that I expect this to stop anyone ;).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702151853.KAA17343>