Re: unusual startup messages

Bradley Ward Allen (ulmo@q.net)
01 Nov 1996 06:30:36 -0500


> You've raised an interesting point: once Linus moses to the US, we won't
> be able to integrate cryptography into the "standard" kernel if Linux is
> maintained from the U.S. instead of Finland.

Well, it seems crypto has to be in the kernel. Like there's IP
security for both IPv4 *and* IPv6, and obviously that's part of the
kernel, and it's expected to be ubiquitous at some stage.

My opinion for what it counts (mostly how much noise I make :) ) is to
have Linus include it before he leaves Finland, creating lots of
hooks, etc. so that if/when he moves to some other place others can
distribute designated drop-in patch sets that fit cleanly with the
kernel and are considered a part of it despite the distribution
(i.e. law abiding & broken-up package) realities. Actually making
them work with something isn't so important in my mind until they're
needed (as the goal in this case is to get around a legal hurdle).

So which algorithms? Well, there's DES (& 3DES), IDEA, BlowFish, MD5,
RSA, ... heck include them all, refine later. :) Or define the hooks
for the drop-ins now. Or something like that.

Lots of packages need cryptography. Perhaps a library? But how would
the kernel efficiently interface with a library? Is that insane? Is
POSIX working on a library interface? (Like for every IP packet.
This has to be *efficient*.) Also, lots of applications use it (email
(PGP, Netscape Mail (1Q 1997), SSH, telnet-SSL, httpd w/SSL). See?
It's at every level.