Re: pptp, ppp with Microsoft encryption

To: debian-legal@lists.debian.org
Subject: Re: pptp, ppp with Microsoft encryption
From: "J.H.M. Dassen \(Ray\)" <jdassen@wi.LeidenUniv.nl>
Date: Thu, 30 Sep 1999 17:10:42 +0200
Message-id: <[🔎] 19990930171042.A9345@pc203a.wi.leidenuniv.nl>
Mail-followup-to: debian-legal@lists.debian.org
In-reply-to: <[🔎] 37F33CB6.295A7D21@vianova.at>; from Rene Mayrhofer on Thu, Sep 30, 1999 at 10:34:30AM +0000
References: <[🔎] 37F33CB6.295A7D21@vianova.at>

On Thu, Sep 30, 1999 at 10:34:30 +0000, Rene Mayrhofer wrote:
> Is RC4 encryption a problem with the US export laws ?

I suspect so. It may depend on the bitsize (IIRC, regular netscape uses
40-bit RC4), but even for the case of an allowed bitsize, an export license
might be required.

> What about MD4 (it is used as well with mppe and mschap codes) ?

MD* are message digests, aka secure hash functions. As such, they don't
perform encryption (though there are ways to build ciphers from them).

> The additional files 'rc4.h' and 'rc4_enc.c' that are needed for patching
> the kernel ppp part have this license and I do not know if they qualify as
> DFSG-free software:

It looks like they're from SSLeay/OpenSSL, which are DFSG-free. 

The license is not GPL-compatible though, so they cannot be incorporated
into the kernel. A solution would be to make them into loadable kernel
modules or coordinate with the www.kerneli.org folks and find GPL-compatible
RC4 code somewhere.

HTH,
Ray
-- 
Obsig: developing a new sig

Reply to:

References:
- pptp, ppp with Microsoft encryption
  - From: Rene Mayrhofer <rene.mayrhofer@vianova.at>

Prev by Date: pptp, ppp with Microsoft encryption
Next by Date: Re: web site license
Previous by thread: pptp, ppp with Microsoft encryption
Index(es):
- Date
- Thread