Re: Linux crypto patch for 2.3 kernels

From: David Weinehall (tao@acc.umu.se)
Date: Tue Jan 18 2000 - 21:42:46 EST


On Tue, 18 Jan 2000, Mike A. Harris wrote:

[snip]
> country. Small countries with small population are relatively
> irrelevant IMHO... either way.

While I not agree with this, I see your point.
 
> Crypto is GOOD for us, and good for the world. We just have to
> be careful thats all.

That's true. Privacy is an important part of Freedom.
 
> >(Last time I looked at the crypto law survey page, Russia did not allow
> >the use of strong crypto - or my brain becomes all but holes...)
>
> Hmm.. That is bad then. Russia is important IMHO. This brings
> up a point:
>
> How many countries out there that have a significant population
> or impact on the world - have strong crypto laws still?

Regardless of how important you consider each country is, they are always
important for those who live there...

But I'd bet that for instance China has crypto-laws (no, I don't know if
this indeed is true; it's merely a guess, depending on their political
system), and China has the world's largest population, is a growing,
prospering economy (now that they slowly approach market-economy),
and has a rapidly growing Linux userbase.

Oh, and I'd consider Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria
(the "horrible" 7, that the US seem to fear more than death itself),
more than enough reason not to put crypto into the kernel.

Would you want to barr off even one of the kernel-developers, when there's
already a perfect legit way of spreading the crypto-code. While it's pretty
probably none of the kernel-developers come from the "horrible" 7 (at least,
there were none in the CREDITS-file in v2.3.39), there may be more countries
that get barred off.

Those people who don't know how to recompile a kernel, buy or download
a distribution and the kernel that comes with it. Almost every distro
that I know of has some kind of mirror where you can download software
banned in the States (crypto, patent-encumbered stuff, etc.), and for those
who _do_ know how to compile a kernel, ftp.kerneli.org is the perfect place
to visit. What we need is simply the distro-makers to start compiling
crypto-support into their kernels as default (only the international
versions, of course), and provide them from a server somewhere.

However, if it proves itself that the change of mind in the US indeed is
as good as it seems, we could start distributing the kerneli-patches from
ftp.kernel.org too. Those mirrors who then aren't allowed to import crypto
simply can exclude one directory (I'm no expert on rsync/mirroring or
whatever is used, but I believe it's possible, correct me if I'm wrong.)

I think that we have to realise, that the big problem is not whether it's
allowed to USE crypto in a country, or if it's allowed to IMPORT crypto.
Almost no countries have such regulations. But a lot of mirrors of
ftp.kernel.org might have to close down if we put stuff that is illegal
to EXPORT into the kernel.

IANAL, but from my review of the Swedish regulations on crypto, for instance,
it wouldn't be possible to redistribute the ikernel-patches from Sweden
once imported. While the probability of anyone giving a damn here in Sweden
is minimal (considering how easy it seems to export weapons from Sweden...),
there are other countries that might be harder.

/David
  _ _
 // David Weinehall <tao@acc.umu.se> /> Northern lights wander \\
// Project MCA Linux hacker // Dance across the winter sky //
\> http://www.acc.umu.se/~tao/ </ Full colour fire </

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:19 EST