Subject: Re: US crypto export resctrictions 'unconstitutional'
To: Aidan Cully <email@example.com>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
Date: 05/07/1999 19:31:55
In message <19990507214928.A12327@xanadu.kublai.com>,
Aidan Cully writes:
>There are a couple of issues, IIRC.. In particular, I'm pretty sure
>the domestic 'passwd' program doesn't work with krb5's kadmind4.. This
>is a fairly easy fix, but I'm not too worried about getting to it since
>krb5 integration shouldn't take that much more work.
Ok. hadnt tried htat.
[ only telnet in krb4]
>I was planning on enabling krb5 rsh/rlogin, and also GSSerizing our
>ftp client/server. Is this a bad idea?
No, that sounds like a very good idea.
rsh/rlogin: some Kerberos installations have to contend with
non-kerberized telnetds (because certain powers-that-be have fallen
for SRP), so if you want to do Kerberos, rsh/rlogin become essential.
ftp: ISRT someone (Ken Hornstein? Someone from MIT?) saying they
wanted to port NetBSD's ftp-client changes back. If you can either
add the GSS-API stuff from krb5 to our ftp, or add Luke's bells and
whistles to the MIT krb5 ftp, then everyone wins.
>> There is work being done on `integrating' krb5, yes.
>> I'll leave it for them to answer.
>Yes, I'm working on integrating krb5.. This has gone slowly (even
>_really_ slowly) for a number of different reasons, not least of which
>is that changing NetBSD still makes me pretty nervous. I plan to post
>a proposal here when I'm ready to start integrating.