From owner-freebsd-security Sun May 2 23:59:47 1999 Delivered-To: freebsd-security@freebsd.org Received: from shibumi.feralmonkey.org (shibumi.feralmonkey.org [203.41.114.182]) by hub.freebsd.org (Postfix) with ESMTP id F304114DA5 for ; Sun, 2 May 1999 23:59:40 -0700 (PDT) (envelope-from nick@shibumi.feralmonkey.org) Received: from localhost (nick@localhost) by shibumi.feralmonkey.org (8.9.2/8.9.2) with ESMTP id RAA03995; Mon, 3 May 1999 17:53:30 GMT (envelope-from nick@shibumi.feralmonkey.org) Date: Mon, 3 May 1999 17:53:29 +0000 (GMT) From: 0x1c To: Robert Watson Cc: freebsd-security@freebsd.org Subject: Re: Blowfish/Twofish In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 3 May 1999, Robert Watson wrote: > > I don't believe so, as long as they are not just crypto algorithms. I.e., > I believe our DES hashing is not exportable, whereas our MD5 hashing is. > In a sense, it's all a matter of perspective on how you use an algorithm. > It's all just mathematics, right? Sort of like you can't patent > mathematical formulas, but you can patent algorithms. :) So SHA-1 support > for FreeBSD would be quite exportable, I'd imagine, and would probably > make a worthwhile addition. I don't see Blowfish as a great addition > other than the interoperability concerns expressed previously. > > Far more important, in my mind, is making the IPsec/IPv6 code part of the > base distribution. If I really want your password, I'll sniff it or > trojan a binary once I have root, something that I already have to have to > get your password file in almost all cases. This has opened up a can of worms the last few times it was raised. Even if IPSec reached a baseline standard, instead of an evolving one, you'd need to choose which camp to integrate from (KAME or erm, NRL?), and ensure that it was available outside the US in a package format or similar. Nick > > On Mon, 3 May 1999, 0x1c wrote: > > > On a similar note, is there any restriction on one-way hashing algorithms? > > I forget. > > > > Nick > > > > On Sat, 1 May 1999, Harry M. Leitzell wrote: > > > > > I am unaware of the restriction laws placed upon the US in terms of > > > encryption. Could someone clarify them for me? > > > > > > 1) If Robert were to write code on a machine that is in a foreign > > > country, would it have been considered exported? (Xterm on a cs.hut.fi > > > machine for example to code in) Even if he is in the US while doing so? > > > > > > 2) Can we still do the moving by paper to another country and > > > scanning it in? Is that legitimate or been deemed illegal? > > > > > > 3) If I write a disk encryptor that sits on the MBR and transfer the > > > disk out of country, is that a no-no? > > > > > > Thanks > > > > > > On Sat, 1 May 1999, Robert Watson wrote: > > > > > > > > > > > So I'd gladly write this code, as well as do a number of other > > > > crypto-related things, but I'm inside the US. Someone outside the US will > > > > have to take this initiative, I'm afraid. > > > > > > > > I'd recommend against using Blowfish--go for Twofish. > > > > > > > > On Sat, 1 May 1999, Poul-Henning Kamp wrote: > > > > > > > > > In message , The Tech-Admin Du > > > > > de writes: > > > > > > > > > > >This is something i've wanted to know for a long time :).. It should adopt > > > > > >the passwd.conf settings from OpenBSD with selection of encryption, ratio, > > > > > >etc.. OpenBSD has a very good feature with that and it would be great if > > > > > >FreeBSD adopted it! :-) > > > > > > > > > > Make patches > > > > > send-pr > > > > > > > > > > -- > > > > > Poul-Henning Kamp FreeBSD coreteam member > > > > > phk@FreeBSD.ORG "Real hackers run -current on their laptop." > > > > > FreeBSD -- It will take a long time before progress goes too far! > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > > > > > > > > Robert N Watson > > > > > > > > robert@fledge.watson.org http://www.watson.org/~robert/ > > > > PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 > > > > > > > > Carnegie Mellon University http://www.cmu.edu/ > > > > TIS Labs at Network Associates, Inc. http://www.tis.com/ > > > > Safeport Network Services http://www.safeport.com/ > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] > > > Harry M. Leitzell - Harry_M_Leitzell@cmu.edu > > > Carnegie Mellon University > > > Finger for PGP Public Key > > > [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > -- > > Therefore those skilled at the unorthodox are as infinite as heaven and > > earth, inexhaustible as the great rivers. -- Sun Tzu, The Art of War > > > > > > > Robert N Watson > > robert@fledge.watson.org http://www.watson.org/~robert/ > PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 > > Carnegie Mellon University http://www.cmu.edu/ > TIS Labs at Network Associates, Inc. http://www.tis.com/ > Safeport Network Services http://www.safeport.com/ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- Therefore those skilled at the unorthodox are as infinite as heaven and earth, inexhaustible as the great rivers. -- Sun Tzu, The Art of War To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message