From owner-freebsd-ports Wed Aug 9 18:47:35 2000 Delivered-To: freebsd-ports@freebsd.org Received: from blount.mail.mindspring.net (blount.mail.mindspring.net [207.69.200.226]) by hub.freebsd.org (Postfix) with ESMTP id DEF8837BBBC; Wed, 9 Aug 2000 18:47:32 -0700 (PDT) (envelope-from asami@cs.berkeley.edu) Received: from silvia.hip.berkeley.edu (sji-ca7-238.ix.netcom.com [209.109.235.238]) by blount.mail.mindspring.net (8.9.3/8.8.5) with ESMTP id VAA31021; Wed, 9 Aug 2000 21:46:59 -0400 (EDT) Received: (from asami@localhost) by silvia.hip.berkeley.edu (8.9.3/8.6.9) id SAA19404; Wed, 9 Aug 2000 18:45:30 -0700 (PDT) Date: Wed, 9 Aug 2000 18:45:30 -0700 (PDT) Message-Id: <200008100145.SAA19404@silvia.hip.berkeley.edu> X-Authentication-Warning: silvia.hip.berkeley.edu: asami set sender to asami@cs.berkeley.edu using -f To: ports@freebsd.org Cc: kris@freebsd.org Subject: volunteer wanted: crypto ports From: asami@freebsd.org (Satoshi Asami) Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I need someone to help me on this. The issue is which ports we can export now that BSDi has gotten a blanket export permit. If someone can go look at the RESTRICTED=crypto ports' license files, and contact the authors when it is not clear that we can export them, I will be eternally grateful. Thanks, -PW ------- Date: Thu, 13 Jul 2000 02:28:48 -0700 (PDT) From: Kris Kennaway To: Satoshi - Ports Wraith - Asami Cc: "Jordan K. Hubbard" , freebsd-ports@freebsd.org, archie@freebsd.org Subject: Re: Export controlled ports On 11 Jul 2000, Satoshi - Ports Wraith - Asami wrote: > Note that I only changed rsaref's RESTRICTED from "crypto" to "patent" > -- we still can't ship the distfile or packages due to the RSA > patent. When the patent expires, my understanding is that we are > going to just switch over to the international version and remove > RESTRICTED. This also means USE_OPENSSL will still mean RESTRICTED > (by inference) on 3-stable machines which need security/rsaref. Kris, > is this correct? Actually it's not just the patent, but the license on the software itself. i.e. RSA Inc do not permit us to export the rsaref code, and we can't currently use or export any other RSA implementations because of the patent. Once the patent expires we still can't export rsaref (unless they remove that license clause - unlikely, see below) - but we won't need/want to anyway because it's crap (ports which build against it can be patched to build against OpenSSL, which we WILL be able to distribute freely) The gnupg-rsa and librsaintl packages should also not be built for the same reason, but it looks like they're also okay as they stand. Quite a few of the ports, such as (I believe) cfs, specifically mention not exporting the code in the license agreement - this was probably as a reminder of the then-existing regulations and the author may well agree to remove the clause if asked, but I don't know whether we can safely assume that condition now to be removed automatically (e.g. rsaref is probably never going to be relicensed since RSA also sell a commercial toolkit and seem to consider releasing rsaref to have been a mistake). And then things like Netscape have specific disclaimers on their 128-bit versions against exporting to the "Rogue States" (although I assume that BSDi's export license also requires this since again it comes from the same source, the current crypto export regs). Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message