[2731] in cryptography@c2.net mail archive
Re: FYI: I believe Microsoft has knowingly violated the export rules
daemon@ATHENA.MIT.EDU (Tom Perrine)
Wed May 20 16:58:03 1998
Date: Wed, 20 May 1998 13:42:15 -0700
From: Tom Perrine <tep@SDSC.EDU>
To: marc@cygnus.com
CC: reinhold@world.std.com, rsalz@shore.net, cryptography@c2.net
In-reply-to: <t53som4rauc.fsf@rover.cygnus.com> (message from Marc Horowitz on
20 May 1998 15:39:07 -0400)
>>>>> The moving finger of Marc Horowitz, having written:
Marc> Tom Perrine <tep@SDSC.EDU> writes:
>>> I think that part of the issue is that Kerberos was deemed to be
>>> non-exportable if the calls to the crypto libraries were left in, but
>>> the called crypto libraries were left out.
Marc> Your understanding of this situation is incorrect. MIT had to remove
Marc> the *calls* from the source, as well as the crypto code.
Marc> Marc
Either I mis-stated my case, or you mis-understood it. I knew that
all the *calls* were removed: "non-exportable if the calls to the
crypto libraries were left in". Perhaps the "but" should have been an
"even if" ?
Way back when, I think that the hope was that if the calls were left
in, but the libraries were not exported, then the K source was
exportable. This was deemed not acceptable for MIT, but seems to be
exactly the case that was acceptable for Microsoft.
--
Tom E. Perrine (tep@SDSC.EDU) | San Diego Supercomputer Center
http://www.sdsc.edu/~tep/ | Voice: +1.619.534.5000
Been there, done that, erased the evidence, blackmailed the witnesses...
