[4499] in Kerberos
Re: kerberos5 exportability
daemon@ATHENA.MIT.EDU (Bernhard Schneck)
Wed Jan 18 20:10:23 1995
To: kerberos@MIT.EDU
Date: 18 Jan 1995 11:58:36 +0100
From: schneck@GeNUA.DE (Bernhard Schneck)
marc@cam.ov.com (Marc Horowitz) writes:
>[...about making k5 exportable...]
>Now, I've thought about this, and it appears that one could produce an
>exportable version of kerberos simply by removing DES from the
>cryptoswitch, and writing a dummy mechanism to replace it so things
>could compile and function, albeit insecurely.
This appears what has been done in the DCE sources (at least in version
1.0.1 which I worked with at my university). They had e `neuter' library
which had bcopy calls instead of the real stuff for all crypto calls.
However, I guess the problem is not getting it done, but getting someone
to sign a paper saying this 5bones version can be legally exported.
There's probably some administrative fees (bribes? :-) involved, and
who (in the US) would be willing to pay these and go through all the
hassle of getting it approved? They can already have it, and we can't
do the hacking, paper and lobbying work required.
Of course these guy's would have the eternal gratitue of the rest of
the world ... how about volunteering, Marc? :-)
\Bernhard.
--
Bernhard Schneck Bernhard.Schneck@GeNUA.DE
Gesellschaft fuer Netzwerk-
und Unix-Administration mbH Auslaender bleiben,
Leoprechtingstr. 13, 81739 Muenchen, Germany Nazis vertreiben!
