Date: Tue, 27 Jun 1995 11:44:37 +0200 From: Mark Murray <mark@grondar.za> To: geoff@ufrmsa1.olivetti.za, Wollman@halloran-eldar.lcs.mit.edu, gibbs@freefall.cdrom.com, rgrimes@gndrsh.aac.dev.com, current@freebsd.org Subject: More crypto proposals. Message-ID: <199506270944.LAA17659@grumble.grondar.za>
next in thread | raw e-mail | index | archive | help
Hi Well! That last one certainly sparked off a lively debate! Who said the art of negotiation was dead? I am certainly making policy progress here, so thank you all for your input. I'm not going to rehash it all here - just the bits that need it: 1) We have been offered a machine to run the crypto CVS on. This is skeleton.mikom.csir.co.za, and is the same machine that I use as the master FTP site for the non-US crypt code. The machine is run by (I may not have the name totally right) the Computer Security Group of the Council for Scientific and Industrial Research (CSIR) in South Africa, and these blokes are committed. I think that this meets the requirement of the site not being a `fly-by-night'; they will be around for a loooong while. Geoff Rehmet has offered to set up this machine for CVS. 2) Geoff has expressed an interest in getting back into the `swing of things, and wants to work with me on the secure code. He is happy to help out, but does not want to lead the project. 3) I recognise some grave reservations that the US folk have with a lot of the crypto code I am proposing (SSLeay). I would now like to open _another_ can of worms by making this proposal: In the (distant) past, the US folks have made their own crypto libraries, and it has been up to _us_ to track _them_. If we are running a non-US crypto site, and we are not subject to US law in this regard, how would the US residents feel about us making the non-US code as _we_ like it? (Well, more or less - I am not talking free reign here, nor am I trying to start a splinter movement. I am just trying to come up with a mechanism to provide this code to many folks who want/need it.) Obviously this would be done in such a way as to _not_ make it look as though you are `co-operating', so you could not be busted, but it would fit seamlessly into [y]our code. This way, as things develop, you could track us. The way this could be done is for us to just build our `secure' so the standard targets work - obj, all, install, distribute etc. The main src/Makefile can then just use these if `secure' exists. So what changes? `our' code gets a little ahead of `yours', and there is nothing to stop you tracking _us_. Bottom line, this could still be (as Rod and Garrett point out) put into the ports distribution. I would prefer to not do this, as from communications I have had with Eric Young, I believe that some form of SSL will become ubiquitous - and after SSLeay gets posted, a floodgate will open. What say? M -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506270944.LAA17659>