Date: Mon, 17 Feb 1997 21:16:22 -0800 (PST) From: Dmitry Kohmanyuk <dk@dog.farm.org> To: karpen@ocean.campus.luth.se (Mikael Karpberg) Cc: freebsd-security@freebsd.org Subject: Re: blowfish passwords in FreeBSD Message-ID: <199702180516.VAA09296@dog.farm.org>
next in thread | raw e-mail | index | archive | help
In article <199702172225.XAA21874@ocean.campus.luth.se> you wrote: > According to Mark Mayo: > [...] > > For DES, yes.... I wasn't really thinking abut the DES distribution, but > > for future crypto distributions. The problem is that the 'main' FreeBSD > > distribution site (ftp.freebsd.org) cannot export DES or other crypto > > software to other coutries - for people in other parts of the world, who > > perhaps aren't aware of the problems with the US gov.'s export laws right > > now, it can be a little confusing when tey are told at install time that > > because they don't live in the US they can't install DES/Kerberos... I > > guess maybe the FTP install could be setup to automagically use a non-US > > server when the user picks a sensitive crypto package? > That would be GREAT! If nothing else, when you choose DES, just pop up a > requester and say "Are you within the USA? (Yes/No/Cancel)" and default > it to cancel. I for one haven't bothered to install DES because it seems Just a minor nit. Being _within_ USA and being subject to USA cryptoexport laws can be not the same. I am not U.S. citizen - just working there, and because of that, don't want to use U.S. sites regardless. Now, what about if I install software on machine outside the U.S. if I am U.S. citizen? or if I not? The legal warning should be more detailed. > too much of a hassle. If you could just say "No, I'm not from the USA" and > have sysinstall try a few Non-US sites and get the DES if you tried to > install from a site called .edu/.us or .org/.com known to be US, or so. > I dunno. Something at least. Something the user basically just have to say > "No, I'm not from the USA" to, and it would do the rest. Period. > Jordan? :-) I think that just having main repository into a normal country can be a better option. Sadly, most normal countries have poorer Internet connectivity. -- "There must be some part of the brain that only activates when you learn UNIX."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702180516.VAA09296>