[7005] in Kerberos
Re: kerberos security
daemon@ATHENA.MIT.EDU (Ranjeet Shetye)
Wed Apr 3 18:17:32 1996
Date: Wed, 3 Apr 1996 15:02:58 -0800 (PST)
From: Ranjeet Shetye <shetye@chaph.usc.edu>
Cc: kerberos@MIT.EDU
In-Reply-To: <4jsv1p$98m@kerby.ocsg.com>
Just out of curiosity, can a person outside the US sit down and legally
code the DES**3 approach into an ecryption program or has the mathematical
proof also been patented/protected ?
if yes, i wanted to estimate the possible monetary loss to software
companies due to this restriction.
Ranjeet.
On Wed, 3 Apr 1996, Joe Kovara wrote:
> hartmans@MIT.EDU (Sam Hartman) wrote:
> > Unfortunately, MIT's Kerberos5 cannot be exported from the
> >United States. You will have to wait for someone to implement
> >Kerberos5 outside the US in order to get a legal copy.
>
> We (CyberSafe) export U.S. implemented versions of Kerberos (as well
> as the GSSAPI), under both State and Commerce Department jurisdiction.
>
> Full-strength Kerberos is allowed for export to approved countries for
> ....
>
> Triple DES is a different animal--"under no conditions" sums it up.
> We are waiting for clarification on whether triple DES is generally
> exportable if used for authentication only (yes, it should be, but we
> never assume).
> ....
