> Would it be possible to provide an export version as well? I always
> thought the export problem was only due to possible bulk encryption
> using upserver/upclient, and these shouldn't be part of an AFS client
> implementation, anyway.
It is my understanding (if I am wrong, can some Transarc person
correct me) that there is also an export concern for the kernel
module, libafs.o. In particular, the authentication routines use an
encryption scheme called fcrypt. Transarc has told me that they
use a special technique to create their exportable versions, to
hide the fcrypt functions in the kernel module. I've attempted to
do something similar in my module, but the powers that be at
Transarc do not want to bet their company on it.
Therefore, the only option left is to file a Commodity Jurisdiction
(CJ) request with the US government to export Linux-AFS. I have not
had the time nor resources to make this request, and even if it is
granted I do not know if Transarc will distribute Linux-AFS. Transarc
has been unwilling to file the CJ on their own, or to help me file
one.
So, the only thing, IMO, stopping Linux-AFS from being exported is a
CJ request. I believe it will be granted. It is my hope to file one
at some point, but it is not near to top of my priority list. The
other question is whether Transarc will agree to distribute Linux-AFS
if I get CJ approval.
As you can see, there are a lot of "if"s in there. I hope Transarc
will make the right decisions.
I hope this helps.
-derek
