[4382] in Kerberos
Re: Internationalizing Kerberos V5
daemon@ATHENA.MIT.EDU (Brad Johnson)
Mon Dec 19 21:05:02 1994
To: kerberos@MIT.EDU
Date: 19 Dec 1994 20:53:16 -0500
From: bradcj@cam.ov.com (Brad Johnson)
Re: DCE source
Historical reference: I was one of the original members of the
OSF DCE evaluation team and the development project leader for
the first 3 releases (DCE 1.0, 1.0.1, and 1.0.2)
Points of clarification:
- OSF only releases source.
- There are 2 DCE offerings: domestic and export.
- Export version is "neutered" -- as you reference.
One of the important keys is that the government is fairly black/white
about the encryption/decryption interpretation. That is, if taking out
the cryption routines causes your application not to work (it won't
build, it won't process, it aborts, it core dumps, etc.) your
application is by definition a cypher engine. Therefore, we had to add
some small development efforts (re: the neutering and bcopy replacement
functions), specific configuration options (to choose and correctly
build domestic or export), and testing scenarios (to prove runability
sans cryption) to meet the requirements of the government.
Note most organizations are not in the business of delivering
source, like OSF, but rather libraries/binaries.
Brad Johnson
