Date: Mon, 17 Feb 1997 23:25:20 +0100 (MET) From: Mikael Karpberg <karpen@ocean.campus.luth.se> To: mark@quickweb.com (Mark Mayo) Cc: security@freebsd.org Subject: Re: blowfish passwords in FreeBSD Message-ID: <199702172225.XAA21874@ocean.campus.luth.se> In-Reply-To: <Pine.BSF.3.94.970217160548.10948A-100000@vinyl.quickweb.com> from Mark Mayo at "Feb 17, 97 04:13:08 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
According to Mark Mayo: [...] > For DES, yes.... I wasn't really thinking abut the DES distribution, but > for future crypto distributions. The problem is that the 'main' FreeBSD > distribution site (ftp.freebsd.org) cannot export DES or other crypto > software to other coutries - for people in other parts of the world, who > perhaps aren't aware of the problems with the US gov.'s export laws right > now, it can be a little confusing when tey are told at install time that > because they don't live in the US they can't install DES/Kerberos... I > guess maybe the FTP install could be setup to automagically use a non-US > server when the user picks a sensitive crypto package? That would be GREAT! If nothing else, when you choose DES, just pop up a requester and say "Are you within the USA? (Yes/No/Cancel)" and default it to cancel. I for one haven't bothered to install DES because it seems too much of a hassle. If you could just say "No, I'm not from the USA" and have sysinstall try a few Non-US sites and get the DES if you tried to install from a site called .edu/.us or .org/.com known to be US, or so. I dunno. Something at least. Something the user basically just have to say "No, I'm not from the USA" to, and it would do the rest. Period. Jordan? :-) Just my $0.02... /Mikael
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702172225.XAA21874>