[7310] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: US Export Restrictions

daemon@ATHENA.MIT.EDU (Dennis Glatting)
Sun May 19 13:02:48 1996

From: Dennis Glatting <dennisg@plaintalk.bellevue.wa.us>
Date: Sun, 19 May 96 09:51:17 -0700
To: rsalz@osf.org (Rich Salz)
Cc: kerberos@MIT.EDU
Reply-To: dennis.glatting@plaintalk.bellevue.wa.us


Date: 19 May 1996 15:17:53 GMT
From: rsalz@osf.org (Rich Salz)

> In <199605170319.UAA03816@imo.plaintalk.bellevue.wa.us>  
dennis.glatting@plaintalk.bellevue.wa.us writes:
> >I don't know if it is easy, but, CyberSafe has an
> >exportable GSS-API Kerberos mechanism *with* user
> >level DES encryption.
>
> For identification (gss_sign) not confidentiality
> (gss_seal), right?
>

Confidentiality is provided in gss_seal().

> I cannot imagine that CyberSafe got permission to export
> a system that lets a user do 56-bit DES for arbitrary data
> without some sort of key escrow or similar perversion.  If
> I'm wrong, I'd love to hear it!
>

CyberSafe created a new QOP and SEAL_ALG and use DES-40
for encryption.


-dpg


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7310] in Kerberos

Re: US Export Restrictions

daemon@ATHENA.MIT.EDU (Dennis Glatting)Sun May 19 13:02:48 1996

daemon@ATHENA.MIT.EDU (Dennis Glatting)
Sun May 19 13:02:48 1996