[2091] in Kerberos
Re: is kadmind exportable as a binary? if so, begging letter.
daemon@ATHENA.MIT.EDU (Jim Reid)
Thu Aug 13 07:22:04 1992
Date: 13 Aug 92 10:45:47 GMT
From: jim@cs.strath.ac.uk (Jim Reid)
To: kerberos@shelby.Stanford.EDU
In article <ggm.713673084@brolga> ggm@brolga.cc.uq.oz.au (George Michaelson) writes:
(1) kadmind doesn't send encypted data on the network, it listens
for such packets instead. since it doesn't GENERATE encrypted
data, I hope a binary doesn't contravene the DES export
requirements. I already have exported product to generate the
input it requires, binary only, built into a terminal server.
Your hopes overlook the utter stupidity of the US Government. As soon
as someone talks about exporting something which has "DES" or
"encryption", the Department of Commerce goes apeshit. Even though
it's OK to export encryption software for authentication purposes, an
export licence has to be obtained. DEC appear to be the only ones who
have taken the trouble to obtain an export licence for Kerberos so
far.
[The DoC also doesn't realise that DES is in the Public Domain - it's
a US Federal standard for f*ck's sake - and there are many openly
published descriptions and implementations of DES circulating around
the world.]
Good luck in getting your Kerberos troubles sorted. Methinks you might
have to bend the rules and hope Uncle Sam turns a blind eye?
Jim
