Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!mailrus!csd4.milw.wisc.edu!cs.utexas.edu!uunet!auspex!guy
From: guy@auspex.auspex.com (Guy Harris)
Newsgroups: comp.protocols.nfs
Subject: Re: PCNFS and security
Message-ID: <1769@auspex.auspex.com>
Date: 7 Jun 89 18:21:14 GMT
References: <183@mirsa.inria.fr> <11714@bloom-beacon.MIT.EDU> <108142@sun.Eng.Sun.COM> <1756@auspex.auspex.com> <4685@psuvax1.cs.psu.edu>
Reply-To: guy@auspex.auspex.com (Guy Harris)
Organization: Auspex Systems, Santa Clara
Lines: 17

>As Charles Hedrick has pointed out, in SunOS 4.0 even the domestic
>(source licence) customers (accidently?) get a gutted version of the
>encryption code, despite comments in the relevent files saying "This
>implements DES".  It would be good to hear from someone at Sun that
>this has been fixed.

I can't speak for anybody getting the SunOS 4.0 source, but I can speak
for people getting the ONC/NFS source, since we are one; domestic
customers - or, at least, *this* domestic customer* - did get the DES
encryption code source.  I guess the US government feels secure we're
not going to give away those critical munitions to the Russkies or
whatever.

(It would be *really* nice to hear from someone in the U.S. Government
that this has been fixed, and that DES encryption code, etc. can be
shipped not only to domestic, but also overseas, customers.  I don't
know whether it'll happen in my lifetime, though....)