Date: Fri, 8 Sep 2000 02:09:10 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Peter Wemm <peter@netplex.com.au> Cc: Warner Losh <imp@village.org>, hackers@FreeBSD.ORG Subject: Re: FYI: RSA Donated to the public domain Message-ID: <Pine.BSF.4.21.0009080202040.55881-100000@achilles.silby.com> In-Reply-To: <200009070848.e878m5G55687@netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 7 Sep 2000, Peter Wemm wrote: > Mike Silbersack wrote: > > Ok, now I have a question. Using STARTTLS with sendmail is obviously OK > > for us, since sendmail got the export liscense. However, AFAIK, qmail and > > postfix have obtained no such permission. > > Postfix has done the BXA hoop thing too. It is fully exportable (and > reexportable) and has a TLS etc implementation. > > Cheers, > -Peter Excellent, glad that 2/3 MTAs are done. Now, on to qmail. I'm assuming that Bernstein won't go through the hassle of getting approval, especially since I don't know where the snuffle trial is currently at in appeals. However, the TLS patch for qmail at http://www.esat.kuleuven.ac.be/~vermeule/qmail/tls.patch patches cleanly, and works great. Like OpenSSH / etc, it uses OpenSSL for all crypto work. Which of the following options would be legal: 1. Have the port fetch the patch from the .be site, patch qmail, and finish building it. 2. Include a (possibly modified) version of the patch in the ports tree, which would be applied when building qmail. (The port makefile would also wish to call the patched qmail makefile to create a CA during the build process as well. I'm not sure if that has additional implications.) I'm assuming #1's good, since that's how the OpenSSH port worked. Would #2 be any different? Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009080202040.55881-100000>