Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.ysu.edu!odin.oar.net!malgudi.oar.net!imci4!newsfeed.internetmci.com!news1.erols.com!newsmaster@erols.com From: Ken Bigelow <kbigelow@www.play-hookey.com> Newsgroups: comp.unix.admin,comp.unix.bsd.bsdi.misc,comp.unix.bsd.freebsd.misc,comp.unix.bsd.misc Subject: Re: DES worses MD5 password file Date: Mon, 01 Jul 1996 13:49:11 -0700 Organization: Erols Internet Services Lines: 24 Message-ID: <31D839C7.B37@www.play-hookey.com> References: <4qhuas$m6o@news.idt.net> <4qs2ff$b1f@cynic.portal.ca> <4qtqme$h3k@innocence.interface-business.de> <DtvIvo.57@ora.de> NNTP-Posting-Host: kenjb05.play-hookey.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 2.02 (Win16; I) Xref: euryale.cc.adfa.oz.au comp.unix.admin:44309 comp.unix.bsd.bsdi.misc:4190 comp.unix.bsd.freebsd.misc:22567 comp.unix.bsd.misc:1185 Christoph Badura wrote: > > In <4qtqme$h3k@innocence.interface-business.de> j@ida.interface-business.de (J Wunsch) writes: > >Convince your government(s) about this first. Remember that it hasn't > >really been the stronger MD5 algorithm alone that forced FreeBSD to > >pick a non-DES password encryption algorithm in the first place, but > >rather the braindead policy of the US government. > > Where is the problem with the government? Perhaps you didn't notice that > the international version of the 4.4-lite CD-ROM includes source for > the password DES function. > > AFAIK both BSDI and NetBSD have no trouble exporting DES based password > encryption. There are two levels, as with a number of other things. Netscape runs into the same problem, as do other programs that involve encryption. Programs that remain entirely inside the USA can have longer encryption keys than programs slated for world-wide export. Personally, I'd prefer something like PGP for individual messages, or MD5 as used in FreeBSD. I consider them to be significantly more secure. Ken