[4380] in Kerberos
Re: Internationalizing Kerberos V5
daemon@ATHENA.MIT.EDU (Bernhard Schneck)
Mon Dec 19 20:13:31 1994
To: kerberos@MIT.EDU
Date: 19 Dec 1994 08:54:05 +0100
From: schneck@GeNUA.DE (Bernhard Schneck)
mamros@ftp.com (Shawn Mamros) writes:
>dsharp@world.std.com (don sharp) writes:
>[... about K5-bones ...]
>Because the export rules (in the US, at least) don't allow for the export
>of code containing "hooks" into which cryptographic routines can be
>plugged in. Since the V5 code contains calls to crypto functions, it's
>not allowable even if you don't take the DES code with it.
I'm not sure if this is true.
At least while working for my former university I checked over a source
release of OSF DCE (1.0.2 or something) and it had all encryption calls
in place for the DCE Security Services (which is based on an early beta
version of Kerberos 5). There were two directories with encryption code,
one of which was empty, the other (called desneuter or something like
that) had only `bcopy' calls instead of the real stuff.
As I'm pretty sure OSF DCE does not require an individual export license
for every non-US licensee, it seems to be ok to do it like that.
\Bernhard.
--
Bernhard Schneck Bernhard.Schneck@GeNUA.DE
Gesellschaft fuer Netzwerk-
und Unix-Administration mbH Auslaender bleiben,
Leoprechtingstr. 13, 81739 Muenchen, Germany Nazis vertreiben!
