Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 11 Dec 1997 12:41:43 -0700 (MST)
From:      Marc Slemko <marcs@znep.com>
To:        Charles Mott <cmott@srv.net>
Cc:        hackers <hackers@FreeBSD.ORG>
Subject:   Re: FW: Why so many steps to build new kernel?
Message-ID:  <Pine.BSF.3.95.971211123824.7057F-100000@alive.znep.com>
In-Reply-To: <Pine.BSF.3.96.971210201353.26388A-100000@darkstar.home>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, 10 Dec 1997, Charles Mott wrote:

> > > I certainly wouldn't want anything like kernel configs or sysadmin
> > > type stuff happening over a standard port like 80 or 8080 with
> > > clear text passwords.  If I could use SSL on some bizzaro
> > > port number, that would be really worth having.  :-)
> > 
> > SSL is troublesome because the fascist US gov't patents basic math and is
> > afraid that allowing people to export technology that the whole world
> > already has will be a security risk. 
> > 
> > The sad truth is that the Internet would be far more secure if the US
> > gov't wasn't so obtuse.
> 
> My understanding is that only commercial web servers support SSL, which I
> am guessing is the name for standard secure link used by MSIE and
> Netscape.  Is it possible that Apache supports SSL?? 

Apache doesn't support it in the base distribution because of export
issues.

http://www.apache-ssl.org/ for patches to make it work with SSLeay; this
is legal to use in the US only for non-commercial purposes.

It can not be done in FreeBSD even if you get around export issues because
of RSA patents.

SSL can be implemented without any other problems.  Well, Netscape is
claiming a patent on it but...

The above talks about SSLv2; SSLv3 can be implemented without using any
algorithms patented within the US.  You still have horrible export issues
though.

> In a more perfect world, we would be using source code available browsers
> that had evolved to use a free, ssh derivative encryption.  Instead we let

Huh?  "ssh derivative encryption" makes no sense.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.971211123824.7057F-100000>