Full Kerberos, with DES, *is* available outside the US. The US allows export of cryptographic *binaries* for authentication purposes. For example, it is possible to get DECathena, which contains Kerberos with DES, which is compatible with MIT Kerberos. It even contains libraries, but not the functions to encrypt data for privacy, just enough to create checksummed messages. Its just that the SOURCE code is not available, but it is fairly simple to generate an exportable binary suite.
I doubt DH is exportable, since it is key exchange, which in general is not exportable. Jim, care to comment?
Yes, there is a version of RSAREF w/ DH included (I have a beta-test version, although I haven't played with it a lot). I don't know when this will be released to the world.
Where can I get a copy of this, or just the patches to patch RSAREF? Or even D-H itself would be nice - I'd like to hack together an encrypted telnet/rlogin suite for use when I'm on the road, so I can get into my system at the house from the laptop and not have to worry about someone snarfing my login/password combo... I've got RSAREF, BTW ... haven't looked at it much, though... -- Ed Carp, N7EKG ecarp@netcom.com 510/659-9560 "What's the sense of trying hard to find your dreams without someone to share it with, tell me, what does it mean?" -- Whitney Houston, "Run To You"