[1363] in WWW Security List Archive
Re: Digest Authentication
daemon@ATHENA.MIT.EDU (Simon Spero)
Sun Dec 31 19:17:47 1995
Date: Sun, 31 Dec 1995 14:00:31 -0800 (PST)
From: Simon Spero <ses@tipper.oit.unc.edu>
To: Dan Stromberg - OAC-DCS <strombrg@hydra.acs.uci.edu>
cc: "Allan M. Schiffman" <ams@terisa.com>,
http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com,
www-security@ns2.rutgers.edu
In-Reply-To: <199512312109.NAA19361@bingy.acs.uci.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
Just to reiterate: Keyed-MD5 and in general all technologies that are
used soley for authentication and not privacy, are not treated as
munitions under 121.1.XIII.b. I'm not a lawyer, but this is what I've
been told by lawyers.
There was a thread on this subject on cypherpunks about 6-8 weeks ago -
take a look at the archives for more citations on this.
Simon
(defun modexpt (x y n) "computes (x^y) mod n"
(cond ((= y 0) 1) ((= y 1) (mod x n))
((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
(t (mod (* x (modexpt x (1- y) n)) n))))
