sdyer@bbnccv.UUCP (Steve Dyer) (05/07/85)
This may be naive, but,
Does the prohibition on the distribution of crypt() apply only to
sources, or do binary application programs like "login", "su", "ed"
and "vi", and any locally developed programs like "ftp" have to change,
too? What, pray tell, is the password field in /etc/passwd supposed
to contain if crypt() is out?
--
/Steve Dyer
{decvax,linus,ima,ihnp4}!bbncca!sdyer
sdyer@bbnccv.ARPAfred@mot.UUCP (Fred Christiansen) (05/09/85)
yes, vi(1) and ed(1) do get to change. login(1) and su(1) are not affected.
crypt(1) is gone. crypt(3C) is altered so that setkey() is gone and
decryption is not available. encryption is not affected, so passwords are
still encrypted.
--
<< Generic disclaimer >>
Fred Christiansen, Motorola Microsystems, Tempe {ihnp4,allegra}!sftig!mot!fred
{ihnp4,seismo}!ut-sally!oakhill!mot!fred {ihnp4,amdahl}!drivax!mot!fredwong@rtech.ARPA (J. Wong) (05/12/85)
> > Does the prohibition on the distribution of crypt() apply only to > sources ... So, what would happen if netters, in an effort to screw up the NSA, decide to post 'crypt()' source to the net, which just happens to get sent to Europe? Are there any legal penalties? Is your company liable? (It sounds like a better way to upset the NSA than putting keywords in articles :-).) -- J. Wong ucbvax!mtxinu!rtech!wong **************************************************************** You start a conversation, you can't even finish it. You're talking alot, but you're not saying anything. When I have nothing to say, my lips are sealed. Say something once, why say it again. - David Byrne
jim@mcvax.UUCP (Jim McKie) (05/24/85)
In article <379@rtech.ARPA> wong@rtech.ARPA (J. Wong) writes:
So, what would happen if netters, in an effort to screw up the NSA,
decide to post 'crypt()' source to the net, which just happens to
get sent to Europe? Are there any legal penalties? Is your company
liable?
Don't bother, we got all we ever wanted with Version 5, Version 6 ...ron@brl-tgr.ARPA (Ron Natalie <ron>) (06/01/85)
> In article <379@rtech.ARPA> wong@rtech.ARPA (J. Wong) writes: > So, what would happen if netters, in an effort to screw up the NSA, > decide to post 'crypt()' source to the net, which just happens to > get sent to Europe? Are there any legal penalties? Is your company > liable? > > Don't bother, we got all we ever wanted with Version 5, Version 6 ... Crypt in versions earlier than seven was not DES based, but built on a simple civil-war era rotor. -Ron