"M. Satyanarayanan" <satya_at_cs.cmu.edu> writes:

> What are the rules these days?  Is the scene stable enough that
> we don't have to rip out encryption code and put it back each
> time the political pendulum swings?   I haven't been following
> this stuff in the past few years, and wonder what 9/11 has done
> to this area.  I would hate to see hard work having to be undone,
> or Coda's distribution being restricted.

You have to ask your lawyer :-)  But seriously, they have been pretty
stable for about 4 years (from rough memory).

One good thing about using GSS-API is that if it comes to it, we can
just set the calls to do integrity only - that is unlikely (IMHO) to
be restricted.  GSS calls return an opaque blob - either
encrypted/maced or just maced.

-- 
        Greg Troxel <gdt_at_ir.bbn.com>