[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

LYNX-DEV SSL Distribution (Was: Lynx 2.7.1)

From: Mark Mentovai
Subject: LYNX-DEV SSL Distribution (Was: Lynx 2.7.1)
Date: Thu, 1 Jan 1998 11:07:38 -0500 (EST)

On Wed, 31 Dec 1997, Matt Ackeret wrote:

> > On the question of SSL.  Unfortunately, we cannot put SSL capability into
> > the general distribution because of the draconian US laws concerning the
> > export of encryption technology.  However, there is more than one way to
> Ok, so I guess I'm actually arguing the lazier end..  Could there
> at least be "full distributions" of the stuff WITH the SSL already in, 
> on US FTP sites, alongside the non-SSL ones?

No, that would generate problems because there would be nothing stopping
other people from other countries from FTPing the full SSL distribution to
their sites, effectively exporting the code.  (Oh no!  The world would 
come to an end!)  Something like what Netscape and PGP Software have could
be used for the "strong cryptography" stuff: a little web page that has a
few checkboxes and is linked to a program.  The checkboxes ask stupid
questions like "are you a US citizen" and "do you intend to overthrow the
US government", and if you answer correctly, then you get to download the
software, if not the Secret Service shows up at your doorstep.  There's
really nothing preventing people from answering the questions falsely, but
then again, there's nothing preventing foreigners from e-mailing Fote now
and claiming that they really are US or Canadian citizens.  The method I'm
bringing up is just a little bit more automated.

Here's another thing, that's slightly related: how about distributing the
SSL patches as diff files as well?  I had to create my own diffs to apply
the SSL patches to the most recent development code, and it wasn't that
big of a problem, but I'm sure that some more novice users would have been


Mark Mentovai

reply via email to

[Prev in Thread] Current Thread [Next in Thread]