[1040] in Coldmud discussion meeting
Re: [COLD] encryption, DES, MD5, SHA-1(?)
daemon@ATHENA.MIT.EDU (Wed Jul 24 11:52:49 1996
)
Date: Wed, 24 Jul 1996 10:26:48 -0500 (CDT)
From: Stephen Smoogen <smooge@duracef.shout.net>
To: coldstuff@cold.org
In-Reply-To: <199607241001.UAA00818@gateway1.brisnet.org.au>
On Wed, 24 Jul 1996, Dancer wrote:
> Erm, no. Technically, you can't ship anything containing any encryption code
> outside of the USA. Not MD5, not DES, not anything. Not without a specific
> permit to do so.
>
> Unix gets away with DES by having had the DES crypto algorithm separately
> implemented in the UK. Same deal with the others. You send the specs to
> another country (Canada doesn't count, nor does anywhere on the NSA's
> shit-list) and let them develop some code to spec. Then everyone's happy,
> and it's legal.
>
With this in mind you might want to have it that people have to pick up
the SSH-LEAY distreibtuion from Australia (I dont have the URL handy but
can supply it later.) And have the ColdX user drop it in and compile with
it. You dont explicitely ship it and it is up to the user to get it
depending on their local Encryption laws (ie France, Russia and Singapore
no encryption... US no exporting etc etc.) I would say that you might
use their implementation of SSH for conceiled VEIL (though I dont knopw
enough about this to know if it is possible or not). As a default you can
use a simple XOR block encryption that really isnt encryption at all...
(IE 1 cycle decrypt)
Stephen
------------------------------------------------------------------------------
Stephen John Smoogen
Recovering Sysadmin (well ok... I still sysadmin... I cant stop)..
217-351-8093