|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ssh access to cisco and "unfriendlies"
On Thu, Nov 23, 2000 at 05:53:11PM +0100, theo wrote: > > however, it is my understanding that IPSec will require 3des. so, while > > i can have quasi-encrypted config access, i can't use the new and improved > > VPN technology without 3des. > > > > hmmm, I think you can still run ipsec tunnels with des only. But still > the argument counts that you are not using the latest encryption technology. i have no interest in using the latest crypto gunge in "restricted" countries. i would like to 3des enable my local (canadian) routers, so that i can use 3des with my canadian/US/UK customers. > > i wonder if uunet/teleglobe/cable-and-wireless have gotten special > > permission to run 3des capable routers on their networks. i'm sure > > that all three are supplying network services to countries not on > > that list. > > very good question. My interpretation of the licence agreement is that > they can do so in the "listed" countries *only* but not in the rest. my interpretation is that they can't use it in their enterprise if they are providing "network services" with countries _not_ listed. > I still don't understand though how others (some unix os for > example) ship 3des with public domain software. my understanding is that the various unix OS's use crypto gunge that was developed outside the US, or which the US has deemed ok-for-export. there is another element, which was the patent on the RSA stuff, which has now expired. -- [ Jim Mercer [email protected] +1 416 410-5633 ] [ Reptilian Research -- Longer Life through Colder Blood ] [ Don't be fooled by cheap Finnish imitations; BSD is the One True Code. ]
|