[319] in Kerberos
re: DEC's lawyers on DES
daemon@TELECOM.MIT.EDU (Jerome H. Saltzer)
Fri Feb 19 13:14:51 1988
To: kerberos@ATHENA.MIT.EDU
Cc: tony@ATHENA.MIT.EDU, champine@ATHENA.MIT.EDU, wfhogue@ATHENA.MIT.EDU,
Cc: rivest@LCS.MIT.EDU
In-Reply-To: Win Treese <treese@ATHENA.MIT.EDU>'s message of Fri, 19 Feb 88 12:04:12 EST
From: Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>
> Posted to the net; it seems to be relevant.
It certainly is. I was expecting that this is where the issue of DES
exportability would come out, and I'm happy to see that someone has
analyzed the issue with some clarity. We may see some more debate on
the net, but I suspect that the conclusion isn't going to change.
My interpretation of what it all means for Kerberos is as follows:
1. We should segregate and label the DES library from the rest of
Kerberos; it is clearly subject to export licensing.
2. We should create a non-cryptographic replacement for the DES
library (the present DES-NOOP might qualify, though its name is
misleadingly wrong; if we can convince ourselves that a single XOR
with an unchanging 56-bit key isn't a cryptographic transformation
then that might be more suitable.)
3. We can't place the real DES library with the rest of M.I.T.'s
copyrighted sources in a publicly accessible locker on Zeus; we
should keep it protected on Paris, probably with the same level of
access as for BSD sources.
4. When we ship Kerberos tapes that include the DES library, we need
to ensure that
a. they are going to someone inside the U.S.
b. they contain a clear notice of export control.
5. It appears that it may be necessary for M.I.T. to request an ITAR
120.5 determination as to whether the authentication parts of
Kerberos require export license. Since they are not in themselves
cryptographic in any way--they just depend on cryptographic elements
for their operation to be secure--the M.I.T. lawyers ought to study
this question and the regulations carefully with the goal of
convincing themselves that we don't have to ask. Unfortunately,
until this step is completed, we may need to regard all of Kerberos
as non-exportable.
Bill Hogue: could you please start on step 5?
I invite anyone interested to propose an alternate interpretation of
any of this stuff. My interpretation leads to a lot more hassle than
I like.
Jerry