[32494] in North American Network Operators' Group
Re: ssh access to cisco and "unfriendlies"
daemon@ATHENA.MIT.EDU (Jim Mercer)
Thu Nov 23 12:07:58 2000
Date: Thu, 23 Nov 2000 12:06:02 -0500
From: Jim Mercer <jim@reptiles.org>
To: theo <tb@rimail.com>
Cc: nanog@merit.edu
Message-ID: <20001123120601.B26137@reptiles.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3A1D4B76.2F4A839E@rimail.com>; from tb@rimail.com on Thu, Nov 23, 2000 at 05:53:11PM +0100
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, Nov 23, 2000 at 05:53:11PM +0100, theo wrote:
> > however, it is my understanding that IPSec will require 3des. so, while
> > i can have quasi-encrypted config access, i can't use the new and improved
> > VPN technology without 3des.
> >
>
> hmmm, I think you can still run ipsec tunnels with des only. But still
> the argument counts that you are not using the latest encryption technology.
i have no interest in using the latest crypto gunge in "restricted" countries.
i would like to 3des enable my local (canadian) routers, so that i can use
3des with my canadian/US/UK customers.
> > i wonder if uunet/teleglobe/cable-and-wireless have gotten special
> > permission to run 3des capable routers on their networks. i'm sure
> > that all three are supplying network services to countries not on
> > that list.
>
> very good question. My interpretation of the licence agreement is that
> they can do so in the "listed" countries *only* but not in the rest.
my interpretation is that they can't use it in their enterprise if they
are providing "network services" with countries _not_ listed.
> I still don't understand though how others (some unix os for
> example) ship 3des with public domain software.
my understanding is that the various unix OS's use crypto gunge that was
developed outside the US, or which the US has deemed ok-for-export.
there is another element, which was the patent on the RSA stuff, which has
now expired.
--
[ Jim Mercer jim@reptiles.org +1 416 410-5633 ]
[ Reptilian Research -- Longer Life through Colder Blood ]
[ Don't be fooled by cheap Finnish imitations; BSD is the One True Code. ]
