From owner-freebsd-security Sun May 2 8: 9:38 1999 Delivered-To: freebsd-security@freebsd.org Received: from ns1.yes.no (ns1.yes.no [195.204.136.10]) by hub.freebsd.org (Postfix) with ESMTP id 77080151B4 for ; Sun, 2 May 1999 08:09:36 -0700 (PDT) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218]) by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id RAA16760; Sun, 2 May 1999 17:09:35 +0200 (CEST) Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id RAA33176; Sun, 2 May 1999 17:09:29 +0200 (MET DST) Date: Sun, 2 May 1999 17:09:29 +0200 From: Eivind Eklund To: Mark Murray Cc: freebsd-security@FreeBSD.ORG Subject: Re: Blowfish/Twofish Message-ID: <19990502170929.B32819@bitbox.follo.net> References: <21634.925539195@critter.freebsd.dk> <19990502144906.E23950@bitbox.follo.net> <199905021458.QAA02696@greenpeace.grondar.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.1i In-Reply-To: <199905021458.QAA02696@greenpeace.grondar.za>; from Mark Murray on Sun, May 02, 1999 at 04:58:29PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, May 02, 1999 at 04:58:29PM +0200, Mark Murray wrote: > Eivind Eklund wrote: > > On Sat, May 01, 1999 at 03:07:30PM -0400, Robert Watson wrote: > > > So I'd gladly write this code, as well as do a number of other > > > crypto-related things, but I'm inside the US. Someone outside the US will > > > have to take this initiative, I'm afraid. > > > > For this application, being inside the US is probably not a problem. > > The way I would implement this is to use OpenSSL (formerly SSLeay) > > through their library interface, dlopen() the library, and only > > support Blowfish passwords if the library is available. As what > > you'll be writing is authentication infrastructure, not encryption > > infrastructure, exporting it is not a problem. I do not know of any > > country that forbid export of authentication infrastructure. > > _Way_ overkill. A far simpler structure can easily be built by hand. I do not understand what you mean - elaborate? Dynamically linking in a new library if it is present is not very difficult - do you mean that OpenSSL has too complicated an API? Or what is it you're trying to say? Eivind, confused. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message