You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Marc Slemko <ma...@worldgate.com> on 1998/01/24 04:09:39 UTC
IPSec builtin OpenBSD, still missing from FreeBSD (fwd)
The bit that he is talking about reexporting is primarily DES for crypt(),
AFAIK.
What if we allowed anyone to plug in a DLL to Apache for NT for the
password encryption? Then we ship something by default, if we aren't
happy about shipping DES then some third party can make one available for
people that need it and don't want MD5.
---------- Forwarded message ----------
>Path: scanner.worldgate.com!logbridge.uoregon.edu!ais.net!howland.erols.net!news-peer.sprintlink.net!news-backup-east.sprintlink.net!news-in-east.sprintlink.net!news.sprintlink.net!Sprint!204.156.128.20!news1.best.com!nntp2.ba.best.com!not-for-mail
>From: "Jordan K. Hubbard" <jk...@FreeBSD.org>
>Newsgroups: comp.unix.bsd.freebsd.misc
>Subject: Re: IPSec builtin OpenBSD, still missing from FreeBSD
>Date: Fri, 23 Jan 1998 18:14:22 -0800
>Organization: Walnut Creek CDROM
>Lines: 19
>Message-ID: <34...@FreeBSD.org>
>References: <mo...@pooh.tky.hut.fi> <sl...@joshua.enteract.com>
>NNTP-Posting-Host: time.cdrom.com
>Mime-Version: 1.0
>Content-Type: text/plain; charset=us-ascii
>Content-Transfer-Encoding: 7bit
>X-Trace: 885608063 27272 jkh 206.86.0.12
>X-Mailer: Mozilla 3.04 (X11; I; FreeBSD 2.2.5-STABLE i386)
>Xref: scanner.worldgate.com comp.unix.bsd.freebsd.misc:58594
Thomas H. Ptacek wrote:
> OpenBSD has had IPsec in their kernel in mainstream distribution (for
> quite some time now) because it is not developed in the United States, and
> is thus not subject to draconian ITAR regulations regarding export of
> strong cryptography. Inclusion of IPsec in FreeBSD would take a product
> currently developed in the United States, which is currently exportable
> (using MD5 for crypt()), and make it unexportable.
Which is totally untrue, unfortunately, as I've already made more than
plain in previous postings to this newsgroup. We import all of our
current encryption from South Africa, where it is principally developed,
and re-export it from Walnut Creek CDROM under the terms of the
Bernstein decision upon advice from our legal counsel. But again, I've
already talked about this before and don't need to go back over the same
ground again. Check Dejanews for back-postings on this topic.
--
- Jordan Hubbard
FreeBSD core team / Walnut Creek CDROM.