1995-07-28 - Re: NSA and the NCSA/Apache web servers

Header Data

From: fc@all.net (Dr. Frederick B. Cohen)
To: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Message Hash: 3ab9daf3cbe4f4d4ed22544c79f000d4146973dca0a656ce05ddfb0f60ed5e8b
Message ID: <9507281039.AA13694@all.net>
Reply To: <9507280320.AA28749@paganini.sydney.sterling.com>
UTC Datetime: 1995-07-28 10:45:54 UTC
Raw Date: Fri, 28 Jul 95 03:45:54 PDT

Raw message

From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 28 Jul 95 03:45:54 PDT
To: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Subject: Re: NSA and the NCSA/Apache web servers
In-Reply-To: <9507280320.AA28749@paganini.sydney.sterling.com>
Message-ID: <9507281039.AA13694@all.net>
MIME-Version: 1.0
Content-Type: text


> 
>   
> "Amir Y. Rosenblatt" <axon@neuron.net> wrote:
>   Wow -- hooks to encryption are unexportable -- now THAT's bullshit.  Sheesh.
> 
> A few yuears ago I asked Matt Blaze if he would
> publish CFS with the sryptography removed, and he
> told me that AT&T's lawyers also believed this to
> be true. (So, of course, his answer was "No".)
> The hooks are as important as the crypto code.
> 
> Interestingly though, Kerberos made it to
> Australia (Bond University I think) legally.

Actually, neither hooks nor encryption are unexportable, you just need
a license to export them.  I got a license to export an RSA encryption
scheme and a general purpose hook into encryption for integrity toolkit.
It took a few months and was not very difficult, but you have to apply.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




Thread