Here's something I had lying around for a while that may be
	relevant - unsure of the exact date/sender...

> > Can anyone tell me an ftp site for a legally exported version of 
> > Kerberos 5? I thought that a copy without DES had been copied from the 
> > US, and then had non-US sourced DES put back in - but no idea where to 
> > look. thanks,
> 
> Under US regulations, "export" of crypto-related material is performed
> when the material is given to anyone who does not have permanent
> residence rights in the US or Canada.  If that person is within the US
> when the transfer takes place, the material has been exported
> nonetheless.
> 
> At the FIRST computer security conference last year in Boston MA,
> freeware CD-ROMs were handed out to (almost) all delegates irrespective
> of the nationality of the delegates.   The only reason that everyone
> didn't get one is that more people showed up than they expected and so
> they ran out.
> 
> I *know* that copies were given to "foreigners" -- to people from the
> UK, Netherlands and Italy to my certain knowledge.  *If* the CD-ROMs
> contained restricted material, the act of export occurred when the
> CD_ROMs were handed over.  The organization doing the export was the
> conference organizers, NIST.  Given that NIST is a US government body,
> with a well-documented history of providing computer-security related
> material, one must assume that they are aware of the export regulations.
> They were certainly aware of the nationality of the conference
> delegates.
> 
> We were explicitly told in open session (in response to a question from
> the audience) that the contents of those CD-ROMs could be freely copied
> and, in particular, could be made available by anonymous ftp.
> 
> Accordingly, the CD-ROM is normally mounted as
> 
> 		ftp.ox.ac.uk:/pub/comp/security/FIRST_CDROM
> 
> but may sometimes be unavailable because the drive is wanted for another
> purpose.
> 
> Please note: I am making no statement about the "legality" of the
> export, whatever that phrase means.  I am only relating the facts as I
> understand them.
> 
> Paul
                   David/abs             (david@mono.org)

.---- I've been too drunk to love ----.--- I've been too drunk to remember -.
|          Too drunk to care          |     The hell of the night before    |
|  Looked like death, felt like Hell  |    I've been drinking myself blind  |
`------ Been the worse for wear ------'--- And still I'll drink some more --'