[4564] in Kerberos
Re: Kerberos 5 now available internationally
daemon@ATHENA.MIT.EDU (Joe Ramus)
Fri Feb 3 18:46:56 1995
Date: Fri, 3 Feb 95 15:17:20 PST
From: ramus@nersc.gov (Joe Ramus)
To: kerberos@MIT.EDU, bjaspan@cam.ov.com
>> To whom it may concern:
>>
>> OpenVision Technologies has recently received permission to export its
>> OpenV*Secure product, based on Kerberos V5, to sites outside the
>> United States. We are posting this message to the Kerberos mailing
>> list so as to address the frequent questions on this topic.
>>
>> Two parallel versions of the product exist, OpenV*Secure and
>> OpenV*Secure International, and the exportability status of both of
>> them has recently changed. The products are identical with the
>> following exceptions in the International version:
Congratulations to OpenVision Technologies for making this happen.
It seems like this will make it much easier for Kerberos 5 to became
widely used. The limitation noted below is unfortunate. This
will limit the value of developing applications that use Kerberos 5.
o Neither GSS-API nor Kerberos 5 programming libraries are
included.
However, it seems that a US company could develop an application that
uses only the authentication routines. As long as they do not encrypt
general data, I assume that such a product could be sold to those who
can get OpenV*Secure International.
I hope they will develop a later version that only excludes the
DES code. By including the rest of the programming libraries,
a non-US company could insert their own DES code and develop
applications that are inter-operable with the OpenVision Technologies
product.
And a special request to Barry Jaspan:
Could you post some details about OpenV*Secure ??
What patch level of Kerberos V5 is it derived from?
Does it include the "Configurable Cross-Realm Authentication" that
was developed last year by the ESnet Authenticatio Pilot Project?
----------------------------------------------------------------
| Joe Ramus NERSC Livermore (510) 423-8917 ramus@nersc.gov |
----------------------------------------------------------------
