Date: Sun, 04 Jun 1995 11:54:22 +0200 From: Mark Murray <mark@grondar.za> To: Eric Young <eay@mincom.oz.au> Cc: Mark Murray <mark@grondar.za>, Eric Young <eay@tenmail.mincom.oz.au>, Tim Hudson <tjh@orb.mincom.oz.au>, hackers@freebsd.org Subject: Re: DES, eBones and crypt availble for non-US! Message-ID: <199506040954.LAA12533@grumble.grondar.za>
next in thread | raw e-mail | index | archive | help
> Just in case you guys are interested, I'm the person who originally did > the eBones stuff many years ago. > I have been doing some more crypto stuff recently but I have only > announced it on the ssl-list mailing list, newsgroups anouncements will > occur in a week or 2. AHA! You sound like just the person I would like to ask some questions of. 1) I am trying to find pointers to the official legal status of crypto code in various countries. I know that the USA/Canada considers this to be a munition, so exporting it illegally is like gun running. I heard a rumour that Australia was the same. I also heard something about this code being illegal for possession in France. Any comments/ pointers? 2) We are all treating eBones with respect and not getting it from the states, but is contains no crypto code, only calls. Is it or is it not legal for export? I need a definitive answer here. (I vaguely remember something about a `sanitised' Kerberos/eBones (or is this eBones itself?). > Anomgst the things. > libdes - the des library that came with eBones has had a life of it's own > and has been updated quite a bit. It has tripple des, ofb, cfb modes > etc now and a few bug fixes. > It is now released as part of my SSL implementation. > This implementation contains > DES, RC4, > RSA (full private key generation function etc, infact about half the > library is X509/RSA stuff). > X509 routines. > SSL. This looks great! > There are programs for handling X509 stuff and demo programs for ssl > client and server implementation. > A friend of mine (Tim Hudson tjh@mincom.oz.au) has put this into SRA > telnet/telnetd, Mosaic and httpd (for https). This code has been tested > and runs on all unix boxes I could get hold of. The SRA telnet has only > been tested on Solaris 2.x and IRIX 5.x. The applications are still > being worked on. The code we have includes a Kerberised telnet, in a non-functional state (I think someone in the US has fixed this, but he obviously can't let us get it). Do you have a working one? > This code is officially Alpha, in that I'm still working on the library > quite a bit but it works and is available for ftp from ftp.psy.uq.oz.au > /pub/Crypto/SSL and /pub/Crypto/SSLapps. There is a web page at > http://www.psy.uq.oz.au/~ftp/Crypto (I think). The only problem is this > machine blew it's root disk and will not be back until monday :-(. How long before an official release? > Currently SSLeay is not compatable with SSLref from netscape at a call > level but it definitly is at a protocol level. In the next week or 2 > I'll probably be working on making an interface to my RSA code > compatable with RSAref. > > This code is now all under a licence which makes all of the above free > for comercial and non-comercial use, with the restriction that I'm given > attribution. Basically the same as the BSD licence. Would we be able to hack this code into our source tree? We have our own make system, and we would gladly preserve any attribution. (I have read the next paragraph, but I am now asking if we may 'BSD-ise' this. It may then divert a bit from your mainstream development. (Not much if what I have seen so far of the BSD team is anything to go by) > If people are interested in testing and putting SSL into apps under free > BSD, feel free to start using the code. Documentation is somewhat > lacking but I'll be working on that, you will just have to read the demo > programs :-) Thanks! > have fun (on monday when psych is fixed) I plan to :-> :-> :-> M -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506040954.LAA12533>