From owner-freebsd-hackers  Fri Feb  6 05:18:33 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id FAA06182
          for hackers-outgoing; Fri, 6 Feb 1998 05:18:33 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from mail.iconz.co.nz (mail.iconz.co.nz [202.14.100.36])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA06164
          for <hackers@FreeBSD.ORG>; Fri, 6 Feb 1998 05:18:29 -0800 (PST)
          (envelope-from andrew@squiz.co.nz)
Received: from [203.96.56.128] ([203.96.56.128])
	by mail.iconz.co.nz (8.8.7/8.8.7) with SMTP id CAA131130886771101;
	Sat, 7 Feb 1998 02:18:21 +1300 (NZDT)
X-Sender: squiz1@pop.actrix.gen.nz
Message-Id: <v02120d08b100a4d6e807@[203.96.56.128]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sat, 7 Feb 1998 02:19:46 +1300
To: Terry Lambert <tlambert@primenet.com>
From: andrew@squiz.co.nz (Andrew McNaughton)
Subject: Re: WebAdmin
Cc: hackers@FreeBSD.ORG
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG
X-To-Unsubscribe: mail to majordomo@FreeBSD.org "unsubscribe hackers"

>SSL can not be in by default because of ITAR restrictions.  BSD crypto
>is done outside the US, mostly so that non-American programmers become
>better at crypto than American programmers so foreign powers can conduct
>espionage with impunity because we can't break their crypto.  Er, I
>mean so that we can keep these dangerous munitions from falling into
>the wrong hands, since an evildoer would never violate US export
>regulations in the course of engaging in terrorist activity, because
>terrorists have a social conscience.  Er, because we are stupid.
>
>
>                                        Terry Lambert
>                                        terry@lambert.org
>---
>Any opinions in this posting are my own and not those of my present
>or previous employers.

I believe SSLeay is the international implementation, though I'm a bit
vague on the licensing arrangements.  Given that BSD already does network
installation, I imagine it wouldn't be too dificult to fetch this version
from a non US site if so directed.

If the aim is to make the admin available through a standard web browser,
there's probably some sense in just using standard https connections.  This
means international users only get 40 bit encryption, but in cases where
this is insufficient, remote server admin is probably not a good idea
anyway.




 The effort to understand the universe is       Andrew McNaughton
 one of the very few things that lifts            ++64 4 389 6891
 human life above the level of farce,          andrew@squiz.co.nz
 and gives it some of the grace            http://www.squiz.co.nz
 of tragedy  -  Steven Weinberg         http://www.newsroom.co.nz