Re: ftp.kernel.org vs. ftp.funet.fi

tz@execpc.com
Sun, 20 Apr 1997 16:40:12 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: James Hughes: "Re: [Crypto] Re: ftp.kernel.org vs. ftp.funet.fi"

> Um... ftp.kernel.org is inside the USA, just outside of Santa Clara, CA.
> But, in any case, the linux kernel is cerianly freely exportable, covered by
> neither ITAR, nor EAR, since it contains no encription routines. Libc is
> not covered by ITAR, and I don't think it is covered by EAR, since it uses a
> 64 bit key, which is legal for export.

Only 40 bit is legal for export. There is an exemption for some things
like authentication, but it is a maze and changes. It also may (or may
not) mean anything that uses or calls a crypto library. The rules aren't
clear, and those in charge generally don't want them to be. DES is
definately NOT exportable. It is available everywhere outside, but it is
still not exportable. www.cdt.org, www.epic.org, www.privacy.org and
www.eff.org have sections on crypto policy nonsense, and there are bills
(rep. Goodlate R-Va has SAFE, and sen. Burns has Pro-CODE) to fix this
absurdity. But don't casually discount it.

What does sunrpc/svcauth_des use?

And what about encryption/steganography for the loop device, if that ever
makes it into the kernel proper? The fact that this can be added to the
kernel might make the kernel unexportable.

tz@execpc.com
finger tz@execpc.com for PGP key

Previous message: James Hughes: "Re: [Crypto] Re: ftp.kernel.org vs. ftp.funet.fi"