-c none option
mouring at etoh.eviladmin.org
mouring at etoh.eviladmin.org
Sun Dec 9 16:36:52 EST 2001
Besides OpenSSH is a canada product. All us USites that do work on it
don't touch the encryption aspects. And Canada does not have all those
stupid laws yet.. I'm waiting to see what Canada does on the WIPO sstuff.
- Ben
On Sat, 8 Dec 2001, Corinna Vinschen wrote:
> On Fri, Dec 07, 2001 at 03:40:27PM -0800, Jason Stone wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> >
> > > The SSH2 protocol separated authentication and message integrity
> > > from encryption. As such, OpenSSH *should* be supporting None as an
> > > encryption type while enforcing authenticated packets w/ hmac-md5 or
> > > something similar. It isn't.
> >
> > Also, many governments regulate the use of "cryptographic" algorithms, but
> > not "authentication" algorithms. In particular, for many years you could
> > not export 56-bit DES implementations from the US, but you could export
> > any MD5 or SHA1 implementation.
> >
> > Supporting cipher=none with MAC'd packets might make it legal to use ssh
> > in some countries where it couldn't otherwise be used, and while it would
>
> Just because an encryption implementation couldn't be exported from
> the US, it doesn't mean they weren't available. That would mean
> that there were no developers outside of the US ;-)
>
> Corinna
>
> --
> Corinna Vinschen
> Cygwin Developer
> Red Hat, Inc.
> mailto:vinschen at redhat.com
>
More information about the openssh-unix-dev
mailing list