CryptoCard patch

[erich]

> > CryptoCard is absolutely not in any way a proprietary authentication
> > technology.  It is a plain and simple DES ECB encryption of the input,
> > using a key which is stored in the device.  The first 4 bytes of the
> > output are then displayed in hex.  In fact, I have also hired someone
> > to write a CryptoCard emulator for the Palm Pilot, and the resulting
> > code will also be under GPL.  Contrast this with RSA, which is in fact
> > a proprietary authentication technology, and which OpenSSH supports by
> > default.
> 
> I was mistaken about Cryptocard, my apologies. Calling RSA proprietary
> is a drawing a bit of a long bow though.

Ok, you're right, although it is patented in the US for another 24
hours, I believe...  There will probably be some good parties
tomorrow.

> > Who can I talk to about this?  Should I send it to the OpenBSD core
> > team?
> 
> There are several on the list, otherwise you can contact them direct at
> openssh at openbsd.org.

I sent email to that list.  I'm not on this mailing list, so I
couldn't participate in any discussion.  I'm willing to have this
thing modified in any way necessary to have it included in the
official distribution.

I'm going to be doing a lot of hiring contractors to do open source
work, although it will be very frustrating if I can't get stuff put
back into the distributions.  I could have bought the commercial
F-secure server, which already has CryptoCard support built in, but
instead I thought I would spend the money on hiring someone to put it
into the superior open source product.  You can imagine that I am a
little frustrated that my contribution was rejected.

Thanks,

e