Re: Encrypted File systems implementation into the kernel?

From: kernel@draper.net
Date: Mon Feb 07 2000 - 19:49:14 EST

Next message: William M. Perkins: "Re: SCSI errors while playing music and doing a tape backup"
Previous message: Chmouel Boudjnah: "Re: File sizes / MegaRaid"
In reply to: H. Peter Anvin: "Re: Encrypted File systems implementation into the kernel?"
Next in thread: H. Peter Anvin: "Re: Encrypted File systems implementation into the kernel?"
Reply: H. Peter Anvin: "Re: Encrypted File systems implementation into the kernel?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Feb 07, 2000 at 12:43:38PM -0800, H. Peter Anvin wrote:
> Followup to: <389F0585.D97F60DB@Mutz.com>
> By author: Marc Mutz <Marc@Mutz.com>
> In newsgroup: linux.dev.kernel
> > >
> > > Not IDEA, since it has patent and licensing restrictions.
> > >
> > Well, AFAIK, IDEA is free for non-commercial use. I don't see a big
> > problem there.
> >
>
> Thank you, I want to be able to use Linux for commercial use!
> However, there are plenty of good ciphers, such as 3DES, Blowfish and
> Twofish, that don't have these restrictions.
>
> -hpa

We are overlooking something important... that is that the rest
of the world will not accept U.S. based crypto systems (systems in this
context defined to be implementations of one or more flavors of
encryption algorithm).

I refer the group to Bruce Schneier's (author: Applied Cryptography)
January 15, 2000 newsletter where a source in the European financial
community states the sentiment rather succinctly:

<Quote>
Under the circumstances, the European finance and e-business industries
would have to be crazy to use U.S. crypto-based products. And they're
not crazy.

To play in this business in the rest of the world, the U.S. will have to
have a clear, consistent, and favorable policy, and U.S. companies will
have to present products that are demonstrably strong with no trap doors.
(I invite you to speculate if this will happen before Hell frezes over.)
In the meantime, there are plenty of non-U.S. products to choose from, and
banks like UBS, Credit Suisse, Grupo Intesa, Societe General, Deutsche
Bank, Generale Bank, Bank Austria, and Barclays are not sitting back
anxiously waiting for U.S. products to become available. They're doing
business with non-U.S. products that are just fine, thank you.
</Quote>

U.S. regulators continue to place limitations on conditions by which
crypto implementations may be released, presumably with an eye towards
preservation of evesdropping ability. Therefore, I urge that crypto
functionality NOT be made subject to U.S. regulation, and therefore NOT
be rolled into U.S. based kernel source trees.

Once the free world (Zurich?) begins to accept that U.S. based crypto
executables and source is untainted by government mandated "review"...
then, and only then, should we revisit this question.

IMHO,

Reed H. Petty
rhp@draper.net

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: William M. Perkins: "Re: SCSI errors while playing music and doing a tape backup"
Previous message: Chmouel Boudjnah: "Re: File sizes / MegaRaid"
In reply to: H. Peter Anvin: "Re: Encrypted File systems implementation into the kernel?"
Next in thread: H. Peter Anvin: "Re: Encrypted File systems implementation into the kernel?"
Reply: H. Peter Anvin: "Re: Encrypted File systems implementation into the kernel?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Feb 07 2000 - 21:00:16 EST