Subject: Re: export controls
To: Michael C. Richardson <>
From: Thor Lancelot Simon <>
List: tech-security
Date: 06/23/1999 13:03:54
On Wed, Jun 23, 1999 at 12:50:03PM -0400, Michael C. Richardson wrote:
> >>>>> "Todd" == Todd Vierling <> writes:
>     Todd> : Please let me know your opinion about IPsec export issue.
>     Todd> Before importing crypto code into the *kernel*, it needs to be
>     Todd> separated into IPsec and non-IPsec code, with the former in a
>     Todd> segregated tree.
>   That is exactly what itojun is presenting is his list.
>   My feeling is that we import all of KAME into cryptosrc-intl, get it
> working, and then move stuff into syssrc as appropriate.

No!  This is _not_ the way things are done in the NetBSD project.  Please
remember that though cryptosrc-intl is not part of the "main" NetBSD
repository that lives on, it is still part of the Project's
source tree.

The whole *point* of itojun's work is to avoid this kind of duplication
and lunacy.  We're not Linux, after all.  We do not have six copies of
bash, three of Emacs, two versions of ls, and a sodomized penguin in our
source tree.

Please duplicate only the export-restricted portions of the code.  My
understanding was that itojun was going to import them into cryptosrc-intl
himself, and that we here in the U.S. would import into cryptosrc-us as
necessary.  Please recall, itojun-san is not in the U.S. himself...