Crypto and US - the time is nigh
I just realized that the sendmail update I made this weekend
8.11.0.Beta1 should probably be removed from its home in US/Extra/Mail
because the source (and binary) has hooks for SASL and TLS.
Whilst operating on a caffiene deficiency, I didn't realize this would
fall under the new laws... I just noticed:
Ever since the easing of crypto export regulations in the United States, we
have been working on releasing the STARTTLS and SMTP Authentication
Security Layer code into the open source. We have finally obtained legal
approval to do so and Sendmail, Inc. has donated the STARTTLS code to the
open source version. We feel it is a worthwhile change to release as a new
version.
What is the current policy wrt crypto and US? and if there isn't one,
what should be done with sendmail (and others - fetchmail *SHOULD* be
compiled with SSL feature, but isn't).
1) Is it enough to just not build sendmail with SASL/TLS and keep that
in us/extra/mail. Then, someone in a freer country could build with
the extenstions and we could have sendmail-tls in non-us/extra/mail?
2) Should I put 8.10.1 back out (again without SASL compiled in)?
3) I'm outa ideas...
wishing that `ignorance is the best policy` (Elmer Fudd) was true,
--
Rick Nelson
Life'll kill ya -- Warren Zevon
Then you'll be dead -- Life'll kill ya
Reply to: