> > kernel@draper.net writes:
> >
> >
> > > MIT already distributes Kerberos, etc. MIT apparently is not as
> > > easily squelched as are individual software developers.
> >
> > It distributes Kerberos, but only within the USA. Us non-US citizens
> > usually get some variety of eBones.
>
> My understanding is you non-U.S. citizens (yourself excepted I reckon),
> simply get the real thing, i.e.
>
> ftp://ftp.ox.ac.uk/pub/comp/security/software/Kerberos5/
Yes For KerberosV this seems to be the case, but from the 'README' file:
krb5-1.0.crypto.tar.Z is the cryptographic library source. It may be
export restricted.
krb5-1.0.src.tar.Z is the source tree. It may be export restricted. It
is your responsibility obtain an export license if necessary.
Not that the source code does not include the cryptographic
library source. Both tar files should be untarred in the same
place to produce the full source tree.
Perhaps somebody from MIT could clarify this, but my understanding has
been that KerberosIV was exported by stripping out the encryption
stuff (but leaving the hooks) and then exporting the 'Bones'. Thus you
have efforts such as the ftp.pdc.kth.se:/pub/krb/src which have taken
Bones and added the encryption back in.
Recently, people have discovered a loophole in the US regulations. You
can apparently perfectly legally export encryption software in paper
form (this is what was done for pgp-5.0 and pgp-6.0 (see
http://www.pgpi.com/faq/pgpi.shtml#Why). Perhaps this is what has been
done for KerberosV?
Cheers,
Trond
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/