home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!elroy.jpl.nasa.gov!swrinde!mips!newsun!gateway.novell.com!terry
- From: terry@npd.Novell.COM (Terry Lambert)
- Newsgroups: comp.unix.bsd
- Subject: Re: 386bsd security enhancements are needed before using INTERNET!
- Message-ID: <1992Jul27.173631.4223@gateway.novell.com>
- Date: 27 Jul 92 17:36:31 GMT
- References: <l74ebkINN1sd@neuro.usc.edu>
- Sender: news@gateway.novell.com (NetNews)
- Organization: Novell NPD -- Sandy, UT
- Lines: 24
- Nntp-Posting-Host: thisbe.eng.sandy.novell.com
-
- In article <l74ebkINN1sd@neuro.usc.edu> merlin@neuro.usc.edu (merlin) writes:
- >As far as use of 'crypt' for password authentication -- i have been told
- >by our local legal people that this is a permitted exception to the well
- >known prohibition against unlicensed export of cryptographic codes. The
- >fact of the matter is that the precompiled password authentication codes
- >present absolutely no risk to national security.
-
- The problem is the ability to distribute source. One of the base
- intentions of 386BSD, from what I have seen, is to make everything freely
- redistributable *in source form*. While it is certainly possible to do
- this, and there are even previous postings telling how to do this, the fact
- that you have to FTP a DES library makes any such soloutions gray. In any
- case, it is unlikely that the government would just stand by if the DES
- code from Australia became part of the 386BSD distribution.
-
- Perhaps the poster of the original method would be willing to
- provide a binary "install kit" as you suggest?
-
- Terry Lambert
- terry_lambert@gateway.novell.com
- terry@icarus.weber.edu
- ---
- Disclaimer: Any opinions in this posting are my own and not those of
- my present or previous employers.
-
