Re: Mandating USA_RESIDENT
* From: Kris Kennaway [EMAIL PROTECTED] * On Mon, 17 Jan 2000, David O'Brien wrote: * * Due to the concequence involved, you really do need to check for 'NO', * 'YES', and "other". Rather than combining 'YES' and "other". * * You're suggesting not building openssl at all if they don't have a boolean * value? Maybe it's better to make it an error to not specify it (yes, killing "make world" and stuff, that's what UPDATING is for). Won't people get into legal trouble (technically) if they build the wrong version? Satoshi To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On 18 Jan 2000 03:03:09 PST, Satoshi - Ports Wraith - Asami wrote: Maybe it's better to make it an error to not specify it (yes, killing "make world" and stuff, that's what UPDATING is for). There's no better time for doing so than prior to 4.0-RELEASE. :-) Does sysinstall set this one? If not, it should. Then we can stop worrying about it. :-) Ciao, Sheldon. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
Hi, If we are changing the meaning of "USA_RESIDENT", could we replace it by something else completely. I know that the USA are the center of the universe ;-), but... It seems to me that a things progress, the crypto regulation gets more complicated everyday. Why not have a "CRYPTO_COUNTRY" variable that could be set to "USA" "FRANCE" "CANADA" or "other" based where you live and weither special consideration must be taken relative to the crypto code ? Then as part of the build process, automatically create specific variables for RSA or other stuff as they show up: CRYPTO_RSA="RSAref" or CRYPTO_RSA="rsa" or CRYPTO_RSA="none". This can be done by a little bit of shell script easily. The other thing that could be set based on the CRYPTO_COUNTRY code is where to get the FreeBSD crypto related source from. Finally, the current "USA_RESIDENT" variable can then be generated automatically and with good confidence that it is set to a correct value (for the ports or source that still relies on that). OK, it may be overkill for what we need now. So if it looks too much like a bad idea, kill it now. Patrick. - Original Message - From: Sheldon Hearn [EMAIL PROTECTED] Newsgroups: list.freebsd.current Sent: Tuesday, January 18, 2000 8:02 AM Subject: Re: Mandating USA_RESIDENT On 18 Jan 2000 03:03:09 PST, Satoshi - Ports Wraith - Asami wrote: Maybe it's better to make it an error to not specify it (yes, killing "make world" and stuff, that's what UPDATING is for). There's no better time for doing so than prior to 4.0-RELEASE. :-) Does sysinstall set this one? If not, it should. Then we can stop worrying about it. :-) Ciao, Sheldon. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On 18 Jan 2000 03:03:09 -0800, [EMAIL PROTECTED] (Satoshi - Ports Wraith - Asami) said: Won't people get into legal trouble (technically) if they build the wrong version? Depends on who they work for. Some people may work for organizations which have licensing agreements in place to permit them to use RSA. (This includes about 10,000 people who happen to work for the patent assignee.) -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same [EMAIL PROTECTED] | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On 18-Jan-00 Satoshi - Ports Wraith - Asami wrote: Won't people get into legal trouble (technically) if they build the wrong version? As far as I understand things specifying USA_RESIDENT=yes when it is not true is liable (technically) to get some US based ftp server operator in trouble (most likely Walnut Creek) by downloading export controlled material from a US ftp site (this seems insane to me but that is my understanding). It may also get the user into trouble depending on the legal status of crypto in their country. Setting USA_RESIDENT=no when it is not true is liable to get the user into trouble for patent violations. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, Sheldon Hearn wrote: Does sysinstall set this one? If not, it should. Then we can stop worrying about it. :-) Not yet, but it should. If someone can help me out here it would be greatly appreciated. Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, Patrick Bihan-Faou wrote: If we are changing the meaning of "USA_RESIDENT", could we replace it by We're not. It's just that until now it hasn't really mattered if it wasn't set (the cases where it did matter, like whether or not to fetch a crypto port from a US site, it was required it to be set there). Now it needs to be set to do a buildword. It seems to me that a things progress, the crypto regulation gets more complicated everyday. Why not have a "CRYPTO_COUNTRY" variable that could be set to "USA" "FRANCE" "CANADA" or "other" based where you live and weither special consideration must be taken relative to the crypto code ? I don't know much about the restrictions of other countries. If the current crypto policies were a legal problem for someone else we can surely change them to suit, but I'd rather not complicate things even more than they are already without a reason.. The other thing that could be set based on the CRYPTO_COUNTRY code is where to get the FreeBSD crypto related source from. Well, right now there is only one non-US crypto repository (AFAIK), so "closest" is a degenerate case :-) Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
In message [EMAIL PROTECTED] Satoshi - Ports Wraith - Asami writes: : Won't people get into legal trouble (technically) if they build the : wrong version? RESIDENT=two-letter-iso-code CITIZEN=two-letter-iso-code Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
In message [EMAIL PROTECTED] Kris Kennaway writes: : In message [EMAIL PROTECTED] Satoshi - Ports Wraith - :Asami writes: : : Won't people get into legal trouble (technically) if they build the : : wrong version? : : RESIDENT=two-letter-iso-code : CITIZEN=two-letter-iso-code : : What about us dual citizens? :-) OK, forget CITIZEN then. I forget that gets complicated in a hurry. I've forgotten than many middle eastern countries offer this (Isreal and Turkey come to mind) and it isn't as relevant as RESIDENT. The idea for RESIDENT would be that it must be in {us,ca} to build RSA patented stuff via RSAREF. If other patented or semi-patented stuff came along, then we could test to see if it was jp, and not build the YoShiHaNya ONeCo data compression modules for that country, but allow building them elsewhere. It would be much more flexible than the rigid and US Centric USA_RESIDENT. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
Not yet, but it should. If someone can help me out here it would be greatly appreciated. "Setting it in sysinstall" is easy. Deciding where and how to set it in response to questions at certain stages of the installations(s) is more the sticking point. - Jordan To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, Warner Losh wrote: In message [EMAIL PROTECTED] Satoshi - Ports Wraith - Asami writes: : Won't people get into legal trouble (technically) if they build the : wrong version? RESIDENT=two-letter-iso-code CITIZEN=two-letter-iso-code What about us dual citizens? :-) Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
At 9:58 AM -0800 2000/1/18, Kris Kennaway wrote: I don't know much about the restrictions of other countries. If the current crypto policies were a legal problem for someone else we can surely change them to suit, but I'd rather not complicate things even more than they are already without a reason.. Russia and France both are highly crypto-unfriendly, in that you are not allowed to use any crypto whatsoever unless it has been explicitly approved by the government. Since their lists of what's been "approved" (read: cracked) by the government may differ, we're starting to get into some issues here where I think a "CRYPTO_COUNTRY" variable would make a lot of sense, and then we could derive appropriate "RSA" and "USA_RESIDENT" variables from them. -- These are my opinions -- not to be taken as official Skynet policy |o| Brad Knowles, [EMAIL PROTECTED]Belgacom Skynet NV/SA |o| |o| Systems Architect, News FTP Admin Rue Col. Bourg, 124 |o| |o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o| |o| http://www.skynet.be Belgium |o| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, Jordan K. Hubbard wrote: Not yet, but it should. If someone can help me out here it would be greatly appreciated. "Setting it in sysinstall" is easy. Deciding where and how to set it in response to questions at certain stages of the installations(s) is more the sticking point. Maybe we should extend meaning of USA_RESIDENT or introduce new variable indicating contry. After doing netfork install, subsecuent fetces for ports/packages/distfiles from nearest ftp.xx.freebsd.org/cvsup.xx.freebsd.org is really handy. Specially for newcomers, who do not yet have idea of editing /etc/make.conf best regards, taavi --- Taavi Talvik| Internet: [EMAIL PROTECTED] Unineti Andmeside AS| phone: +372 6405150 Ravala pst. 10 | fax: +372 6405151 Tallinn 10143, Estonia | To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, Taavi Talvik wrote: Maybe we should extend meaning of USA_RESIDENT or introduce new variable indicating contry. After doing netfork install, subsecuent fetces for ports/packages/distfiles from nearest ftp.xx.freebsd.org/cvsup.xx.freebsd.org is really handy. Specially for newcomers, who do not yet have idea of editing /etc/make.conf There seems to be broad support for this idea, but I'd prefer to leave it as is for now and get it working properly, then we can revisit it after 4.0-REL. Fetching packages due to network topology is another idea I've wanted to implement for a while, although I was thinking of doing it dynamically by testing the available bandwidth to each of the hosts (and storing it in a database) and using them in order of increasing bandwidth. Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, Kris Kennaway wrote: Fetching packages due to network topology is another idea I've wanted to implement for a while, although I was thinking of doing it dynamically by testing the available bandwidth to each of the hosts (and storing it in a database) and using them in order of increasing bandwidth. You also need to cater for those of us behind restrictive firewalls that keep our own copies of the packages distribution. Carl. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On 18/01 20:03, Brad Knowles wrote: Russia and France both are highly crypto-unfriendly, in that you are not allowed to use any crypto whatsoever unless it has been explicitly approved by the government. France changed their policy from zero-crypto to allowing 128-bits almost exactly a year ago today. http://slashdot.org/articles/99/01/19/1255234.shtml -- "Readers who only want to see algorithms that are already packaged in a plug-in way, using a trendy language, should buy other people's books." -- D. E. Knuth To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, Jan 18, 2000 at 10:26:12AM -0500, Patrick Bihan-Faou wrote: Then as part of the build process, automatically create specific variables for RSA or other stuff as they show up: CRYPTO_RSA="RSAref" or CRYPTO_RSA="rsa" or CRYPTO_RSA="none". This can be done by a little bit of shell script easily. I think this is the only way to properly handle it. As Garrett pointed out, some people in the USA actually do have a licence to use the "good" version of RSA. We could default if we wanted to: USA_RESIDENT=YES== CRYPTO_RSA=RSAref USA_RESIDENT=NO == CRYPTO_RSA=RSAintl if CRYPTO_RSA was unset. -- -- David([EMAIL PROTECTED]) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, David O'Brien wrote: I think this is the only way to properly handle it. As Garrett pointed out, some people in the USA actually do have a licence to use the "good" version of RSA. Is this the same Garrett who persuaded me not to include the RSA code at all in the freefall repository so that people wouldn't get in trouble for simply posessing it? :) We could default if we wanted to: USA_RESIDENT=YES== CRYPTO_RSA=RSAref USA_RESIDENT=NO == CRYPTO_RSA=RSAintl if CRYPTO_RSA was unset. I have no problem with this, but it means either we have to have people who have an RSA license get their crypto from internat, or freefall has to have the RSA code (possbibly in another cvsup collection). Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000 18:15:35 -0800 (PST), Kris Kennaway [EMAIL PROTECTED] said: Is this the same Garrett who persuaded me not to include the RSA code at all in the freefall repository so that people wouldn't get in trouble for simply posessing it? :) No, this is the same Garrett who persuaded you not to include the RSA code at all in the freefall repository so that I could continue to maintain a mirror without getting into trouble with the Technology Licensing Office. I can (at work) *use* RSA all I want, but can't distribute it without approval from TLO, who must be persuaded that the Institute would benefit. I think it took them something like six months to come to agreement (with the then RSADSI) over the distribution of free PGP. This gets even more complicated when I start to involve my own private activities -- such as participating in the FreeBSD Project as a developer -- which is (part of) why I don't use software containing RSA in the course of personal-time activities. (And hence why I can't log in to freefall, at least until markm and I get Kerberos inter-realm set up.) -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same [EMAIL PROTECTED] | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Tue, 18 Jan 2000, Garrett Wollman wrote: No, this is the same Garrett who persuaded you not to include the RSA code at all in the freefall repository so that I could continue to maintain a mirror without getting into trouble with the Technology The upshot of all of which is that people who want RSA and have a license would have to get their crypto from internat, or from freefall with a special cvsup collection :-) Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
Warner Losh wrote: In message [EMAIL PROTECTED] Satoshi - Ports Wraith - Asami writes: : Won't people get into legal trouble (technically) if they build the : wrong version? RESIDENT=two-letter-iso-code CITIZEN=two-letter-iso-code Is there an ISO code for Mars yet? -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC [EMAIL PROTECTED] http://softweyr.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
Kris Kennaway wrote: On Tue, 18 Jan 2000, Warner Losh wrote: In message [EMAIL PROTECTED] Satoshi - Ports Wraith - Asami writes: : Won't people get into legal trouble (technically) if they build the : wrong version? RESIDENT=two-letter-iso-code CITIZEN=two-letter-iso-code What about us dual citizens? :-) CITIZEN=HL # gone to HelL in the handbasket of my choice... -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC [EMAIL PROTECTED] http://softweyr.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
Patrick Bihan-Faou writes : [Charset iso-8859-1 unsupported, filtering to ASCII...] Hi, If we are changing the meaning of "USA_RESIDENT", could we replace it by something else completely. I know that the USA are the center of the universe ;-), but... It seems to me that a things progress, the crypto regulation gets more complicated everyday. Why not have a "CRYPTO_COUNTRY" variable that could be set to "USA" "FRANCE" "CANADA" or "other" based where you live and weither special consideration must be taken relative to the crypto code ? Hmm, i would also look at something similar - rather generalise towards countries that are crypto-unfriendly (like the USA, France, etc.) g. -- Geoff Rehmet, The Internet Solution [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] tel: +27-83-292-5800 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Mandating USA_RESIDENT
On Mon, 17 Jan 2000, David O'Brien wrote: Due to the concequence involved, you really do need to check for 'NO', 'YES', and "other". Rather than combining 'YES' and "other". You're suggesting not building openssl at all if they don't have a boolean value? Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message