[VANILLA-L:33] Re: [VANILLA-L:30] RSA crap and shared libraries

To: vanilla-l@us.netrek.org
Subject: [VANILLA-L:33] Re: [VANILLA-L:30] RSA crap and shared libraries
From: Dave Ahn <ahn@vec.wfubmc.edu>
Date: Sat, 23 May 1998 01:13:30 -0400
In-Reply-To: <19980522174255.11176@wizard.real-time.com>; from Bob Tanner on Fri, May 22, 1998 at 05:42:55PM -0500
Mail-Followup-To: vanilla-l@us.netrek.org
Organization: Bowman Gray School of Medicine, Winston-Salem, NC, USA.
References: <19980522174255.11176@wizard.real-time.com>
Reply-To: vanilla-l@us.netrek.org
Sender: owner-vanilla-l

On Fri, May 22, 1998 at 05:42:55PM -0500, Bob Tanner wrote:
> 
> So, here is my pipe-dream. Can the RSA stuff be put into a shared
> library?

I recommend avoiding shared libs.  Not that anything's wrong with them,
but if someone doesn't know enough to compile the server, that person
will probably have even more trouble getting shared libs to work.

> What part of the res-rsa code cannot be exported?
> It looks to me like the server only uses rsa_utilmp.o, is this the
> "important" file that cannot be exported or is the entire res-rsa
> directory structure non-exportable?

Everything in res-rsa cannot be exported except for the RSA hooks
present in rsa-server.c.

> My assumption is then we can distribute a "netrek" binary with the
> dummy shared lib, then people would be able just install a binary and
> play. But, if they want RSA checking, the would need to get the legit
> RSA lib from the appropriate source. Then, just swap the legit RSA
> shared lib in place and they should be up and running.

Easier solution:
Build a binary server distribution with RSA disabled, write up some docs,
then make it available.  Using the same config, rebuild the server binaries
with RSA enabled.  Take the RSA-enabled daemonII and ntserv binaries and
export control them.  If someone wants to run an RSA-enabled server, that
person can contact you to get the replacement binaries.

> Comments?

If you want to read up on the legal issues of cryptography export, scan
the sci.crypt and PGP FAQs.

-- 
Dave Ahn <ahn@vec.wfubmc.edu>        |  "When you were born, you cried and the
                                     |  world rejoiced.  Try to live your life
Virtual Endoscopy Center             |  so that when you die, you will rejoice
Wake Forest Univ. School of Medicine |  and the world will cry."  -1/2 jj^2
+
++ Vanilla-l Mailing List ++
To unsubscribe: send "unsubscribe vanilla-l" to majordomo@real-time.com
For more information: http://archives.real-time.com

Follow-Ups:

[VANILLA-L:34] Re: [VANILLA-L:33] Re: [VANILLA-L:30] RSA crap and shared libraries

From: Bob Tanner <tanner@real-time.com>

References:

[VANILLA-L:30] RSA crap and shared libraries

From: Bob Tanner <tanner@real-time.com>

Prev by Date: [VANILLA-L:34] Re: [VANILLA-L:33] Re: [VANILLA-L:30] RSA crap and shared libraries
Next by Date: [VANILLA-L:32] What part of the res-rsa can't be exported
Prev by thread: [VANILLA-L:31] Re: [VANILLA-L:30] RSA crap and shared libraries
Next by thread: [VANILLA-L:34] Re: [VANILLA-L:33] Re: [VANILLA-L:30] RSA crap and shared libraries
Index(es):
- Main
- Thread