Date: Fri, 23 Jun 1995 02:41:48 -0700 (PDT) From: "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com> To: jhs@vector.eikon.e-technik.tu-muenchen.de (Julian Stacey) Cc: FreeBSD-current@FreeBSD.Org (FreeBSD current) Subject: Re: DES, crypt and eBones Message-ID: <199506230941.CAA10181@gndrsh.aac.dev.com> In-Reply-To: <199506222310.BAA04270@vector.eikon.e-technik.tu-muenchen.de> from "Julian Stacey" at Jun 23, 95 01:10:07 am
next in thread | previous in thread | raw e-mail | index | archive | help
[CC: trimmed to -current, all of those folks should be on there] > > > > but without > > a site as devoted to FreeBSD as freefall by corporate dollar I don't see > > us moving the bits any place. > > gil.physik.rwth-aachen.de is backed by the German government's Deutsche Mark, > it's been available as a `volunteer host' for a long time, it's just lacking > people doing things on it (it is of course a FreeBSD host). And government backing is not garanteed to stay around, infact that is the kind that suddenly dissapears on you when you least expect it. Isn't that a university machine that will probably go away when Christoph P. Kukulies leaves the university (say, like after graduation). > If we mirror the src cvs & majordomo security lists from the non-USA master > site to a backup site, _and_ to freefall, we will have more > security against any one site or regime causing problems, than > we do for the rest of the code base. Some one has already pointed out the flaw in that plan, importing as well as exporting munitions is a violation of State Department regulations. DES, and for that mater most encryption software, is classified as a minution by the US State Department, and many foreign governments. > A South African or German site could be ideal as crypt master. > All the US folks could continue to sup off their USA mirror of the SA > or German master site, but we'd be a step away from USA gov't interference. > > We could also put a short README in all the directories, saying that as the > USA Government discriminates against non USA citizens & persecutes its own > citizens, that anyone using crypt code should refuse to provide any > information whatsoever regarding code derivation to any USA government person. It is a criminal act to ``refuse to provide any information'' if the requester is any form of US policing agency. A sure fire way to land yourself behind bars in a hurry. Alls they have to do is get a Sepona for the information, and then find you in contempt of court when you fail to produce it. > The purpose being to allay fears of our USA BSD friends. > The notice itself should be drafted by a non USA person (Mark or Paul ?) > and generally agreed to by core@freebsd The act of doing this could be considered treason and or a conspiracy to defraud the federal government. I think that would hold true in almost any country. > Perhaps our notice should be the corollory of the USA notice ? > Our notice should be phrased to be as equally obnoxious to the USA > government, as their notice is that they force on USA FTP sites, > where one is instructed to ask the local USA embassy's ruling on how USA > national law overides local national law. > (Correct answer: not at all, each nation has it's own sovereign jurisdiction) It does when you are accessing a machine within the USA. > Those CVS commiters who are USA based could be offered the choice of > being included or excluded from CVS access lists (thus they could say to > the US authorities: > "Hey, don't blame, I didn't do that, I don't even have write access" ) That is not a reasonable defense and would not work as one, especially for any one who had root access or prior knowledge of the law being broken (can you say passive accompliss(sp)). > Our Crypt code work should be done outside the USA, if the link between > USA & SA is too slow or low bandwidth try `gil' by the German/Belgian border, > a couple of core@freebsd people (Rod & ?) already have logins for that host. > > gil.physik.rwth-aachen.de is controlled by kuku@acds.physik.rwth-aachen.de Then allow Mr. Kukulies to offer the services, not you. -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation Company Reliable computers for FreeBSD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506230941.CAA10181>