[1040] in Coldmud discussion meeting

root meeting help first first in chain previous in chain previous next next in chain last in chain last

Re: [COLD] encryption, DES, MD5, SHA-1(?)

daemon@ATHENA.MIT.EDU (Wed Jul 24 11:52:49 1996 )

Date: Wed, 24 Jul 1996 10:26:48 -0500 (CDT)
From: Stephen Smoogen <smooge@duracef.shout.net>
To: coldstuff@cold.org
In-Reply-To: <199607241001.UAA00818@gateway1.brisnet.org.au>

On Wed, 24 Jul 1996, Dancer wrote:

> Erm, no. Technically, you can't ship anything containing any encryption code
> outside of the USA. Not MD5, not DES, not anything. Not without a specific
> permit to do so.
> Unix gets away with DES by having had the DES crypto algorithm separately
> implemented in the UK. Same deal with the others. You send the specs to
> another country (Canada doesn't count, nor does anywhere on the NSA's
> shit-list) and let them develop some code to spec. Then everyone's happy,
> and it's legal.

With this in mind you might want to have it that people have to pick up 
the SSH-LEAY distreibtuion from Australia (I dont have the URL handy but 
can supply it later.) And have the ColdX user drop it in and compile with 
it. You dont explicitely ship it and it is up to the user to get it 
depending on their local Encryption laws (ie France, Russia and Singapore 
no encryption... US no exporting etc etc.) I would say that you might 
use their implementation of SSH for conceiled VEIL (though I dont knopw 
enough about this to know if it is possible or not). As a default you can 
use a simple XOR block encryption that really isnt encryption at all... 
(IE 1 cycle decrypt)


Stephen John Smoogen 	
Recovering Sysadmin (well ok... I still sysadmin... I cant stop)..