Re: PMFJI, but what (if anything is happening wrt crypto and us)?
On Thu, Jul 20, 2000 at 11:04:57AM -0400, Richard A Nelson wrote:
> sendmail 8.11.0 was released last night (with SASL and TLS support) !
> I packaged it last night (thankfully I've kept up with the beta/gamma).
>
> I can't legally package it, and have been unsuccessful in getting the
> current 8.11.0.Beta removed from the FTP archive (also has TLS) because
> Debian has not registered its archives with the gov.
Yes, you can package it, so long as you don't link it with SSL. Note,
openldap can also be linked with SSL and Kerberos (as do many other
programs), but the binaries aren't linked, and can go safely into us/main.
> There are now several packages that have the same problem:
> fetchmail, bind9, mutt are some that I know of, and I'm sure there are others.
>
> I asked for info back in May 15, but was met with little help... Am I the
> only US developer with a package that has this problem?
>
> I suppose I could strip the TLS support, but the SASL support includes
> both authentication and encryption (thought the Debian SASL package
> may not offer both, I'm not sure).
That support does not contain any crypto. The crypto is in the libraries
with which it *could* be linked with. So if you don't link, then you are
not breaking any crypto laws, whatsoever.
Ben
--
-----------=======-=-======-=========-----------=====------------=-=------
/ Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \
` bcollins@debian.org -- bcollins@openldap.org -- bcollins@linux.com '
`---=========------=======-------------=-=-----=-===-======-------=--=---'
Reply to: