Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.wildstar.net!news.sdsmt.edu!news.mid.net!newsfeeder.gi.net!newsfeed.internetmci.com!news.mathworks.com!fu-berlin.de!news.belwue.de!news.bawue.de!luva.lb.bawue.de!luva.lb.bawue.de!not-for-mail From: migieger@luva.lb.bawue.de (Michael Giegerich) Newsgroups: comp.unix.admin,comp.unix.bsd.bsdi.misc,comp.unix.bsd.freebsd.misc,comp.unix.bsd.misc Subject: Re: DES worses MD5 password file Date: 2 Jul 1996 07:56:34 +0200 Organization: BaWue-Net Ludwigsburg Lines: 36 Message-ID: <4radmi$ddk@luva.lb.bawue.de> References: <4qhuas$m6o@news.idt.net> <4qtqme$h3k@innocence.interface-business.de> <DtvIvo.57@ora.de> <4r9eba$pq9@helena.MT.net> NNTP-Posting-Host: luva.lb.bawue.de Xref: euryale.cc.adfa.oz.au comp.unix.admin:44345 comp.unix.bsd.bsdi.misc:4199 comp.unix.bsd.freebsd.misc:22630 comp.unix.bsd.misc:1191 In article <4r9eba$pq9@helena.MT.net>, Nate Williams <nate@sneezy.sri.com> wrote: >In article <DtvIvo.57@ora.de>, Christoph Badura <bad@ora.de> wrote: >>In <4qtqme$h3k@innocence.interface-business.de> j@ida.interface-business.de (J Wunsch) writes: >>>Convince your government(s) about this first. Remember that it hasn't >>>really been the stronger MD5 algorithm alone that forced FreeBSD to >>>pick a non-DES password encryption algorithm in the first place, but >>>rather the braindead policy of the US government. >> >>Where is the problem with the government? Perhaps you didn't notice that >>the international version of the 4.4-lite CD-ROM includes source for >>the password DES function. > >If so it's an error since it's *NOT* supposed do. > >>AFAIK both BSDI and NetBSD have no trouble exporting DES based password >>encryption. > >Then you don't know very well, since both BSDi and NetBSD don't export >their DES password encryption. (At least on purpose) At least BSDI does. crypt.c contains the full DES code (actually sccsid tells version "8.1.1.1 (Berkeley) 8/18/93"). And Net/2 dist of BSD did too. Out of curiosity I once asked BSDI why they could export crypt.c when others wouldn't. They answered that under certain circumstances it's legal. Some- thing like "it's allowed if you pack the code into programs that don't allow en/decryption of arbitrary files" - as for example DES en/decryption of passwords. What's not allowed is to export utilities like bdes - and in fact those are missing from the distribution. -- Michael Giegerich, E-Mail: migieger@luva.lb.bawue.de, Voice: +49 7144 39337