Cryptographic Software in Debian's Main Archive 96
Cine writes: "James Troup and Sam Hartman recently sent a note to all debian mirror maintainers, to inform them about the current situation and future plans. Sometime after March 8th, crypto software like OpenSSH, SSL support, and many other enhancements will be integrated into the debian main archive. This is in accordance to legal advice the Debian project received."
[OT?] Debconf 2002 announced (Score:2, Informative)
Perhaps this is a bit offtopic, but Debconf 2002 was also announced [debian.org] today. Will holding it in Canada make a difference crypto-wise? Probably not, but it should be a rockin' good time for participants anyway.
It's also been conveniently scheduled to coincide nicely with the Ottawa Linux Symposium [linuxsymposium.org]. Other than that, more info will be forthcoming within the next couple of weeks.
Re:IP address based restrictions (Score:3, Informative)
I know it's not an IP list, but it would be fairly simple to impliment - just block those TLD's. I suppose it would slow your server down some, having to reverse resolve every IP that connects to it. As far as updating the list, that shouldn't be too hard - all you have to do is have your lawyer give you a call every time a country is added or removed from the list (how often does that happen?) and just add their ccTLD to the block list. Or, just did a quick Google search and you can get a list from the U.S. Department of State [pmdtc.org].
Re:IP address based restrictions (Score:3, Informative)
Re:IP address based restrictions (Score:4, Informative)
I suggest the debian maintainers should check at LEAST this site.
http://caida.org
If you want to testdrive the acuracy of the mappings, why not check if it works fine for your connection. Just inset your IP number and go!:
http://netgeo.caida.org/perl/netgeo.cgi?target=
This is just a bad idea. (Score:4, Informative)
US crypto regulations are not only a nuisance, they're also volatile. "Things are getting better", we hear. Bullshit. Things are changing unpredictably. Few people (and certainly no software developers) have any idea what US policy will be next year.
The only sensible policy is to keep the crypto archive in a country that has never had export regulations for crypto software (there are many).
Re:no real effect (Score:4, Informative)
Unless I am missing something, this won't have any real effect on end users.
It will have benefits for end users, though probably not highly visible ones.
Cryptographic software packaged for Debian is available (and has been for a long time already) through non-us.debian.org [debian.org], but crypto-in-main will make further integration of crypto possible. A number of packages in main will get enhanced functionality once crypto is in main. E.g. CVS can start supporting Kerberos for authentication.
The functionality enhancements made possible by crypto-in-main are not limited to the direct benefits of crypto, as I can illustrate with the Gnumeric [debian.org] package. The Gnumeric spreadsheet can be built to be able to fetch data from databases using GDA [debian.org], the GNU Data Access library. Currently the Debian package is not built with GDA support. The reason for this is that Debian's GDA packages are on non-US (because their source package requires the PostgreSQL development package; PostgreSQL is on non-US as it is built with SSL support). Once we have crypto-in-main, I can build Gnumeric packages that have GDA support (probably in a separate plugin package).