On Sun, 18 Oct 1998 13:05:48 EDT, Brian Tao taob@risc.org wrote:
Netapp could put up a "domestic build" and an "internationalbuild" on now.netapp.com, and post up the usual disclaimers and domain name checks, etc. to satisfy export restrictions. I'd love to ssh into a Netapp and ditch rsh/telnet.
Brian is right, netapp ought to be able to do it and ought to do it too. But you could try what I do. I have a "console" host with lots of serial ports, each connected to one of my servers' console ports. ssh into that host. Then the serial line from there to the netapp is secure.
This workaround does not negate Brian's point.
Netapp could put up a "domestic build" and an "internationalbuild" on now.netapp.com, and post up the usual disclaimers and domain name checks, etc. to satisfy export restrictions. I'd love to ssh into a Netapp and ditch rsh/telnet.
Yet better, why wouldn't NetApp build and distribute the SSH implementation outside the USA? Then it would be available to all users, no matter where they lived. One of the most popular SSH implementations comes from Datafellows, a Finnish company.
On Mon, 19 Oct 1998, Teemu Peltonen wrote:
Yet better, why wouldn't NetApp build and distribute the SSH implementation outside the USA? Then it would be available to all users, no matter where they lived. One of the most popular SSH implementations comes from Datafellows, a Finnish company.
It's possible that Netapp does not have the resources to maintain developers outside of the U.S., but if they did, I would think Canada would be the most economical choice. ;-) Still, it may be a sticky situation because Netapp is still a U.S. company, employing mostly American software developer talent. They might have to team up with an independent foreign software house who writes all the code and integrates it into OnTAP. Not an easy proposition.
On Tue, 20 Oct 1998, Brian Tao wrote:
Yet better, why wouldn't NetApp build and distribute the SSH implementation outside the USA? Then it would be available to all
It's possible that Netapp does not have the resources to maintaindevelopers outside of the U.S., but if they did, I would think Canada
I've heard of many American companies employing developers in the former Soviet Union. However, many think that they should use their own strengths to solve their problems, lest we become enablers. They're talented, but I guess with fewer ego problems that lead to extreme salaries :)
"We each pay a fabulous price for our visions of paradise, but a spirit with a vision is a dream with a mission." This email licensed under the GPL (http://www.gnu.org/philosophy).
On 19 Oct 1998 06:51:22 -0700, Teemu Peltonen teepee@netti.fi wrote:
Yet better, why wouldn't NetApp build and distribute the SSH implementation outside the USA? Then it would be available to all users, no matter where they lived. One of the most popular SSH implementations comes from Datafellows, a Finnish company.
That wouldn't work, unless they move their whole engineering building outside of the US (I don't think Canada would do, because they have similar laws, and treaties with the US). If they were to hire some programmers let's say in Australia, they wouldn't be allowed to merge the code with their source tree, and ship it from the US. The shipping builds would have to be compiled and sold from Australia. But even that wouldn't quite work because it means that the US programmers would have to leave hooks in their code for the encryption module, and exporting a program with hooks for an encryption engine also violates ITAR :-(
That's why I was saying that they'd more or less have to move their whole engineering team outside of the US (and might even have to hire non US programmers because I'm not so sure that a US citizen is allowed to develop encryption software for another country).
No, things are far from easy :-(
Marc
That wouldn't work, unless they move their whole engineering building outside of the US (I don't think Canada would do, because they have similar laws, and treaties with the US).
The claim has been made that OpenBSD, by virtue of its development being based in Canada, doesn't have the crypto export restrictions imposed by the spooks here in the US; see
http://www.openbsd.org/crypto.html
although that page links to
http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html
which discusses some possible complications with, among other things, the US laws.
-
Brian Tao -
Dan Bethe -
guy@netapp.com -
marc_merlin@magic.metawire.com -
Teemu Peltonen -
Tom Reingold