[ntp:hackers] Export restrictions on ntp-dev?

David Mills mills at udel.edu
Thu Apr 23 03:33:42 UTC 2009


Brian,

The current NTP disctibution does not include any crytographic 
algorithms or media other than MD5, which is used only to verify 
integrity, not to encrypt the data. Strong encryption means, including 
public key cryptography,  requires the OpenSSL library, which must be 
obtained separately and does not affect NTP functionality when strong 
cryptographic protection is not required. Even if the OpenSSL library 
has been obtained, it is used only to verify integrity, not to encrypt 
the data.

Dave

In the non-OpenSSL

Dave

Brian Utterback wrote:

> Something just came up in my efforts to get NTP 4.2.5 into Solaris. 
> The question of export restrictions on crypto is part of the checklist 
> for integration into any sun product, Solaris included.
>
> So, my question is, has the source code at udel.edu ever been through 
> a U.S. government export review? If so, is there any kind of 
> documentation or review number? How do other vendors deal with this? 
> Any clues, pointers, hints?
>
> Thanks.




More information about the hackers mailing list