[5573] in Kerberos
Re: Exporting Kerberos
daemon@ATHENA.MIT.EDU (This space intentionally left blan)
Mon Jul 31 13:28:26 1995
To: kerberos@MIT.EDU
Date: 31 Jul 1995 16:25:23 GMT
From: mike@vishnu.eco.twg.com (This space intentionally left blank)
In article <9507281859.AA02132@foreigner.class.udg.mx>, zgj16234@foreigner.class.udg.mx (Jose Zaragoza Garcia) writes:
>
>We need to implement an authentication service in our center and we think
>'Kerberos' is the better option. But we know about the regulations in your
>country to export this system. We know that 'Bones' is an alternative to the
>problem, but we wish to implement 'the real and complet Kerberos'.
"Bones" won't help you. It lets kerberized programs run, but it doens't
provide any security.
>If necessary, we want to obtained the specific licenses from the United State
>Government to export the software.
I believe the license is needed by the exporter. I also believe it is
specific to each copy transfered, has to name the person or entity recieving
it, and has to contain safeguards to make sure that it doesn't get re-routed
to someone else. After all, this is dangerous military stuff here, right?
It's not like anyone anywhere else in the world could actually implement
this kind of code...not even with the algorithms published in readily
available documents. No, only in the United States do we have people
with the capabilities to actually implement DES. The rest of the world can
not obtain this extremely dangerous stuff unless they get it from the
U.S.A., so if we control export, we are safe, hence the tight export
controls. (I hope that the heavy sarcasm is coming through translation
OK... :^).
>Can you give us information to go to the right way ?
I hear rumors that there are lawsuits in progress to make the U.S.
government cease this rediculous and pointless restraint of free trade, but
since our courts can sometimes take years to reach a decision, and there's
no guarantee that the State Department won't claim "National Security" as
an excuse to ignore the courts anyway, I'd suggest buying your software from
someone outside the United States. I haven't heard of any other government
on the planet with such rediculous restrictions on the export of this
software.
It would be different if there was something secret involved, but with the
algorithms published, there's little point in restricting the sale of
implementations. Any decent programmer could implement DES in a day, and
anyone with an illegal reason to want it can certainly pay for it to be done
if they can't do it themselves. The U.S. State Department has put
themselves in the silly-looking position of fencing a few miles of beach to
keep people from stealing the ocean...
-- Mike "I'd laugh if I weren't so disgusted" Bartman --
==============================================================================
| I didn't really say all the things that I said. You probably didn't read |
| what you thought you read. Statistics show that this whole thing is more |
| than likely just a hideous misunderstanding. |
==============================================================================
==============================================================================
If you can't blind 'em with brilliance, baffle 'em with B.S.
------------------------------------------------------------------------------
