Subject: Re: anoncvs
To: None <>
From: None <>
List: current-users
Date: 04/20/1999 17:40:39
In message <>, Olaf Seibert writes:
>b) Scrap it, and replace it with "foreign" code. Not as if this is
>   exceedingly difficult - any 2-year-old who has seen a description
>   of DES can reverse the rounds to obtain decryption. It's around line
>   666 in my copy of the "exportable" version.

This doesn't help.  You *still* can't distribute that code from any server
in the U.S., it's still a munition.  So far as I can tell, anything compatible
with existing encrypted data is illegal to export.

>   Or even better, do an MD5 based password scheme and forget unsafe DES.

I'd love to see this as an option, as well as support for wide passwords, but
I personally plan to keep using DES a while longer, until all of my boxes have
a suitable replacement.

>c) What else is there in "domestic"? Kerberos maybe? Everyone has that
>   already as well, so add it to "foreign" servers and be done with it.

>I would suggest carrying this stuff *only* on non-USA servers, in order
>to make a political statement about the whole stupidity of ITAR.

Well, it certainly is stupid.  I doubt you'll get any argument from that.