Subject: Re: US crypto export resctrictions 'unconstitutional'
To: Aidan Cully <>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: current-users
Date: 05/07/1999 19:31:55
In message <>,
Aidan Cully writes:

>There are a couple of issues, IIRC..  In particular, I'm pretty sure
>the domestic 'passwd' program doesn't work with krb5's kadmind4..  This
>is a fairly easy fix, but I'm not too worried about getting to it since
>krb5 integration shouldn't take that much more work.

Ok. hadnt tried htat.

[ only telnet in krb4]

>I was planning on enabling krb5 rsh/rlogin, and also GSSerizing our
>ftp client/server.  Is this a bad idea?

No, that sounds like a very good idea. 

rsh/rlogin: some Kerberos installations have to contend with
non-kerberized telnetds (because certain powers-that-be have fallen
for SRP), so if you want to do Kerberos, rsh/rlogin become essential.

ftp: ISRT someone (Ken Hornstein? Someone from MIT?) saying they
wanted to port NetBSD's ftp-client changes back. If you can either
add the GSS-API stuff from krb5 to our ftp, or add Luke's bells and
whistles to the MIT krb5 ftp, then everyone wins.

>> There is work being done on `integrating' krb5, yes.
>> I'll leave it for them to answer.
>Yes, I'm working on integrating krb5..  This has gone slowly (even
>_really_ slowly) for a number of different reasons, not least of which
>is that changing NetBSD still makes me pretty nervous.  I plan to post
>a proposal here when I'm ready to start integrating.