Return to BSD News archive
Newsgroups: comp.unix.bsd Path: sserve!manuel!munnari.oz.au!mips!mips!newsun!gateway.novell.com!terry From: terry@npd.Novell.COM (Terry Lambert) Subject: Re: 386bsd security enhancements are needed before using INTERNET! Message-ID: <1992Jul27.173631.4223@gateway.novell.com> Sender: news@gateway.novell.com (NetNews) Nntp-Posting-Host: thisbe.eng.sandy.novell.com Organization: Novell NPD -- Sandy, UT References: <l74ebkINN1sd@neuro.usc.edu> Date: Mon, 27 Jul 1992 17:36:31 GMT In article <l74ebkINN1sd@neuro.usc.edu> merlin@neuro.usc.edu (merlin) writes: >As far as use of 'crypt' for password authentication -- i have been told >by our local legal people that this is a permitted exception to the well >known prohibition against unlicensed export of cryptographic codes. The >fact of the matter is that the precompiled password authentication codes >present absolutely no risk to national security. The problem is the ability to distribute source. One of the base intentions of 386BSD, from what I have seen, is to make everything freely redistributable *in source form*. While it is certainly possible to do this, and there are even previous postings telling how to do this, the fact that you have to FTP a DES library makes any such soloutions gray. In any case, it is unlikely that the government would just stand by if the DES code from Australia became part of the 386BSD distribution. Perhaps the poster of the original method would be willing to provide a binary "install kit" as you suggest? Terry Lambert terry_lambert@gateway.novell.com terry@icarus.weber.edu --- Disclaimer: Any opinions in this posting are my own and not those of my present or previous employers.