Subject: Re: Latest CERT advisory on telnet vs. Kerberos
To: Greg Earle <earle@isolar.Tujunga.CA.US>
From: Simon J. Gerraty <email@example.com>
Date: 02/22/1995 02:26:20
> I dunnae see a "kerberos.c" in the NetBSD libtelnet sources. Comments? Is
> that an MIT-only local thingy?
The telnet source shipped with NetBSD has had all the code bounded by
#ifdef ENCRYPTION removed. This allows it to be exported from the
U.S. However since the current ENCRYPTION implementation is tightly
coupled with the AUTHENTICATION code I can only suspect that some of
that has been removed also.
If someone (in the U.S.) could confirm that I'm wrong on that I'd
appreciate it. Currently I've implemented encryption via a new option
(PKE == Public Key Encryption) and totally avoided the current
auth/enc source files - as my patches would be useless to anyone who
has the complete versions.