[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MIT implementation sources?

>At 6:13 PM -0700 2/16/99, Paul Crowley wrote:
>>Does anyone know of an FTP site outside the USA that carries the SDSI
>>2.0 sources, and whether I'd be breaking any laws in fetching them
>>from there if so?  I'd also be particularly interested in hearing
>>about any complete examples of SPKI-enabled clients and servers that
>>use this code, particularly if they're also SSL based.  I'm interested
>>in using SPKI as the basic permissions system for the next major
>>revision of PRCS (http://www.xcf.berkeley.edu/~jmacd/prcs) which is
>>client-server and SSL based.
>My reading of the latest Wasenaar (sp?) agreement is that authentication
>only systems are completely de-controlled.  As such, unless you are in one
>of the 5 really bad guy countries, export/import is completely legal.

Hmm, are you sure that Wassenaar allows export of sources?  If memory serves 
correctly, only binary code is granted export if it meets the criteria.

Dean Povey,         | e-m: povey@dstc.edu.au     | Cryptozilla:
Research Scientist  | ph:  +61 7 3864 5120       |  www.cryptozilla.org/
Security Unit, DSTC | fax: +61 7 3864 1282       | Oscar - PKI Toolkit:
Brisbane, Australia | www: security.dstc.edu.au/ |  oscar.dstc.qut.edu.au/

Follow-Ups: References: