[ntp:hackers] Export restrictions on ntp-dev?
mills at udel.edu
Thu Apr 23 03:33:42 UTC 2009
The current NTP disctibution does not include any crytographic
algorithms or media other than MD5, which is used only to verify
integrity, not to encrypt the data. Strong encryption means, including
public key cryptography, requires the OpenSSL library, which must be
obtained separately and does not affect NTP functionality when strong
cryptographic protection is not required. Even if the OpenSSL library
has been obtained, it is used only to verify integrity, not to encrypt
In the non-OpenSSL
Brian Utterback wrote:
> Something just came up in my efforts to get NTP 4.2.5 into Solaris.
> The question of export restrictions on crypto is part of the checklist
> for integration into any sun product, Solaris included.
> So, my question is, has the source code at udel.edu ever been through
> a U.S. government export review? If so, is there any kind of
> documentation or review number? How do other vendors deal with this?
> Any clues, pointers, hints?
More information about the hackers