jis@MIT.EDU (Jeffrey I. Schiller) (06/13/91)
Date: 12 Jun 91 23:26:53 GMT From: ggm@brolga.cc.uq.oz.au (George Michaelson) Organization: Prentice Computer Centre, The University of Queensland, Australia. References: <9106121512.AA07413@tsx-11.MIT.EDU> Sender: owner-comp-protocols-kerberos@shelby.Stanford.EDU Can you please in future provide some indication of how and when non US located networked people can obtain this software. Simply stating that export permissions do not exist begs several questions: Has MIT even applied for an export licence? No. Export licenses are obtained on a case by case basis for each export. Ie. it isn't a simple form we fill out and submit to the government. The process can be quite time consuming and costly. In general MIT does not engage in export arrangements. Instead we expect that vendors will productize our code and obtain the necessary export licenses when they have customers who wish the product. Btw. There is no guarantee that an export license request will be granted. Is anybody else looking to get an export licence? I think it is probably too early for most people to comment, any takers out there... Will this implementation appear in any form similar to the "bones" release? Good question. At this point we just got the "regular" release out and expect to spend some time on bugfixes etc. Although we are not yet prepared to make a commitment yet, I would expect that such a release will be available at some point. I wish I could have been more helpful. I didn't invent the COCOM regulations, unfortunately, we have to follow them :-(. -Jeff
pato@APOLLO.COM (Joe Pato) (06/13/91)
Is anybody else looking to get an export licence?
I think it is probably too early for most people to comment, any takers
out there...
The OSF DCE which includes a version of the MIT Athena Kerberos V5 has been
modified for export. This version of the code qualifies for export under
Commerce Department regulations. At this time (not quite version 1.0 yet)
binary versions of the DCE do not include the MIT API - access to Kerberos is
provided in the authenticated RPC facility. The source code version of the DCE
includes the Kerberos sources (minus the encryption code in the international
edition). We are working on making the binary version include most of the MIT
API as well - excluding those entry points that could be used to turn the code
into an encryption engine.
-- Joe Pato
Cooperative Computing Division
Hewlett-Packard Company
pato@apollo.hp.com
-------pfenning@techfak.uni-bielefeld.de (Joerg-Thomas Pfenning) (06/14/91)
Since I visited MIT in January just for the reason to get an deeper insight in when and how to start with switching our network to kerberized services, I am quite dissapointed now. I was advised to wait for the new release, which is certainly better suited to our einvironment, but now I have an unclear announcement of a DES free version. I would had preferred to hear that in january. So I also interested in getting an export license. Do You think the embassy is the right contact for me? Has anybody else in Europe experiences in getting such a license? Thomas P.S.: Nobody in Europe has invented COCOM either. -- Thomas Pfenning, University of Bielefeld, Technical Computer Science E-Mail: pfenning@techfak.uni-bielefeld.de Phone: +49 521 106 2918 Fax: +49 521 106 6328 Snail-Mail: Universitaetsstr., W 4800 Bielefeld 1, Germany -- Thomas Pfenning, University of Bielefeld, Technical Computer Science E-Mail: pfenning@techfak.uni-bielefeld.de Phone: +49 521 106 2918 Fax: +49 521 106 6328 Snail-Mail: Universitaetsstr., W 4800 Bielefeld 1, Germany
henry@ADS.COM (Henry Mensch) (06/14/91)
it is pointless to beat on MIT on this issue; they don't make the rules, and MIT isn't chartered to be an exporter of software (remember that they are an educational institution first). if you want to be the first on your block to have Kerberos then it may be more worth your while to tell your hardware/software vendors. this has worked, to some degree, already (witness the presence of Kerberos in current ULTRIX releases, in some types of terminal servers, etc.) -- henry --------