On Thu, Nov 23, 2000 at 05:53:11PM +0100, theo wrote:
however, it is my understanding that IPSec will require 3des. so, while i can have quasi-encrypted config access, i can't use the new and improved VPN technology without 3des.
hmmm, I think you can still run ipsec tunnels with des only. But still the argument counts that you are not using the latest encryption technology.
i have no interest in using the latest crypto gunge in "restricted" countries. i would like to 3des enable my local (canadian) routers, so that i can use 3des with my canadian/US/UK customers.
i wonder if uunet/teleglobe/cable-and-wireless have gotten special permission to run 3des capable routers on their networks. i'm sure that all three are supplying network services to countries not on that list.
very good question. My interpretation of the licence agreement is that they can do so in the "listed" countries *only* but not in the rest.
my interpretation is that they can't use it in their enterprise if they are providing "network services" with countries _not_ listed.
I still don't understand though how others (some unix os for example) ship 3des with public domain software.
my understanding is that the various unix OS's use crypto gunge that was developed outside the US, or which the US has deemed ok-for-export. there is another element, which was the patent on the RSA stuff, which has now expired. -- [ Jim Mercer jim@reptiles.org +1 416 410-5633 ] [ Reptilian Research -- Longer Life through Colder Blood ] [ Don't be fooled by cheap Finnish imitations; BSD is the One True Code. ]