|It may not be exportable but it's definately been exported, I've seen a fully |working version of Kerberos running here in Australia and once it's out |of the US its perfectly legal to use it. |As well as the full version being exported illegally, people have built |the bones kerberos back to a working version by combining it |with other implementations of DES outside the US. Just go look at some of |those FTP sites in Norway. Thus proving the idiocy of ITAR yet again... About all export restrictions on this stuff seem to accomplish is criminalizing and inhibiting the sharing of data designed to meet security needs. i.e. they do a great job of screwing the good guys. Needless to say it also throws the US behind the curve in crypto and security development too in many respects. You would think that the US's history of piss poor performance in cryptographic security would provide a foundation for learning. Apperently not though. Sorry to get political, but I do security, and belive in privacy, and have fundemental disagreements with the idea of forign & domestic monitoring. Basicly I get pretty ticked over this issue... Tim ________________________________________________________________ tfs@vampire.science.gmu.edu (NeXTmail, MIME) Tim Scanlon George Mason University (PGP key avail.) Public Affairs I speak for myself, but often claim demonic posession