From owner-freebsd-security Sun May 2 5:49:15 1999 Delivered-To: freebsd-security@freebsd.org Received: from ns1.yes.no (ns1.yes.no [195.204.136.10]) by hub.freebsd.org (Postfix) with ESMTP id F09B215222 for ; Sun, 2 May 1999 05:49:11 -0700 (PDT) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218]) by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id OAA15326; Sun, 2 May 1999 14:49:07 +0200 (CEST) Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id OAA24508; Sun, 2 May 1999 14:49:06 +0200 (MET DST) Date: Sun, 2 May 1999 14:49:06 +0200 From: Eivind Eklund To: Robert Watson Cc: Poul-Henning Kamp , The Tech-Admin Dude , Brian Beaulieu , freebsd-security@FreeBSD.ORG Subject: Re: Blowfish/Twofish Message-ID: <19990502144906.E23950@bitbox.follo.net> References: <21634.925539195@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.1i In-Reply-To: ; from Robert Watson on Sat, May 01, 1999 at 03:07:30PM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, May 01, 1999 at 03:07:30PM -0400, Robert Watson wrote: > So I'd gladly write this code, as well as do a number of other > crypto-related things, but I'm inside the US. Someone outside the US will > have to take this initiative, I'm afraid. For this application, being inside the US is probably not a problem. The way I would implement this is to use OpenSSL (formerly SSLeay) through their library interface, dlopen() the library, and only support Blowfish passwords if the library is available. As what you'll be writing is authentication infrastructure, not encryption infrastructure, exporting it is not a problem. I do not know of any country that forbid export of authentication infrastructure. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message