httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (Cliff Skolnick)
Subject Re: export restrictions & mirroring Apache at NCSA
Date Thu, 18 May 1995 19:53:28 GMT
Actaully renameing hooks is ok.  I just talked with a bunch of people, one
of which is being chase by the govornment for publishing PGP.  The
suggestion was to call it a compression hook, which then could be
granted a waiver.  This would not be quick, but would work.  On the
other hand some think that ITAR does not cover items in the public
domain, but that has never been tested in court just yet.


On May 18,  6:42pm, Robert S. Thau wrote:
} Subject: Re: export restrictions & mirroring Apache at NCSA
} Unfortunately, "renaming the hooks" is not really credible --- I don't
} think *anyone* would buy for a minute that code which grants special
} treatment to GET requests with a content body type with the magic value
} application/x-www-pgp-request, and which invokes "some external program"
} with arguments appropriate for PGP itself and nothing else, is just some
} kind of general-purpose compression hook.  (GET requests with that MIME
} type are used as the unencrypted "envelopes" for requests in the ad hoc
} NCSA PGP/PEM encryption scheme which this code supports --- it's
} decrypt_request in http_auth.c, for the curious).
} Besides, there *are* already people fighting the good fight on this issue,
} and it's not clear to me that the best thing we can do to support them is
} to nominate ourselves as another bunch of martyrs.

I am not for this, but there are legal ways to accomplish our objective.
BTW this effects many OS vendors shiping source to NCSA in one form
or another.  We will not stand alone. 

} rst
}-- End of excerpt from Robert S. Thau

View raw message