Subject: Re: US crypto export resctrictions 'unconstitutional'
To: Andrew Gillham <gillhaa@ghost.whirlpool.com>
From: Perry E. Metzger <perry@piermont.com>
List: current-users
Date: 05/07/1999 15:18:07
Andrew Gillham <gillhaa@ghost.whirlpool.com> writes:
> Perry E. Metzger writes:
> > 2) Domestic is worthless anyway. Who wants 1DES based Kerb IV anyway?
> 
> So why is this "broken" implementation still in the tree then?

We've been arguing about nuking the thing for a while now. I very much 
agree that it should go.

> It
> claims to be "supported", but doesn't appear to work except with a
> couple clients.  The kerberos samples in inetd.conf show '-k' options
> to both rshd and rlogind that don't exist,

I believe Thor, who was maintaining it for a while, had a religious
conviction against the use of rlogin instead of telnet with the
authentication option.

> All in all, it seems like it doesn't work, and I haven't heard anyone
> refuting the claims that it is "worthless."  

Well, we have a small minority that strongly wants to keep it. I
suspect that it will vanish between 1.4 and 1.5, to be replaced by a
package.

> Is anyone working on Kerberos 5 packages?

Dunno.

Perry