[ntp:questions] Re: exporting NTP from the US

Danny Mayer mayer at ntp.isc.org
Thu Mar 30 03:55:02 UTC 2006


Harlan Stenn wrote:
>>>> In article <1143499803.384091.99930 at u72g2000cwu.googlegroups.com>, "alan.kiecker" <alan.kiecker at unisys.com> writes:
> 
> alan> In order to export software from the US that includes encryption
> alan> algorithms an "Export Commodity Control Number" or ECCN is required.
> 
> To my knowledge, NTP does not include any encryption software, just
> signature software.
> 

Well to be perfectly correct, it does not use encryption in operation
except for the generation of keys (ntpgen), but it does do
authentication in operation as well as using MD5 for packet validation.

> If one builds NTP where it can see the OpenSSL libraries, ntp will get
> encryption stuff from OpenSSL.
> 

NTP does use the OpenSSL libraries if the option is requested during the
configuration and subsequent build process and therefore needs the
OpenSSL libraries which themselves have encryption algorithms and the
API's to call them. In the case of Windows, NTP is always built with it
(though that could be turned off) and the OpenSSL DLL is included with
the binaries.

> Does that help?
> 
> Anybody disagree with what I have written?
> 

See above.

> H
> 



More information about the questions mailing list