===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/crypto.html,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- www/crypto.html	1999/05/10 16:47:56	1.31
+++ www/crypto.html	1999/09/22 05:54:08	1.32
@@ -14,8 +14,28 @@
 
 <img alt="[OpenBSD]" height=200 width=200 SRC="images/blowfish.jpg">
 
+<h3><font color=#e00000><strong>Cryptography</strong></font></h3>
+<hr>
+
+<strong>Index</strong><br>
+<a href=#why>Why do we ship cryptography?</a>.<br> 
+<a href=#disclosure>Full Disclosure policy</a>.<br> 
+<a href=#process>Source code auditing process</a>.<br> 
+
+<a href=#prng>Pseudo Random Number Generators</a> (PRNG): ARC4, ...<br>
+<a href=#hash>Cryptographic Hash Functions</a>: MD5, SHA1, ...<br>
+<a href=#trans>Cryptographic Transforms</a>: DES, Blowfish, ...<br>
+
+<a href=#people>International Cryptographers wanted</a><br>
 <p>
-<h3><font color=#e00000><strong>OpenBSD Cryptography</strong></font></h3>
+<hr>
+
+<dl>
+<a name=why></a>
+<li><h3><font color=#e00000><strong>Why do we ship cryptography?</strong></font></h3><p>
+
+In three words:  <strong>because we can</strong>.<p>
+
 The OpenBSD project is based in Canada.<p>
 
 The <a href=ECL.html>Export Control List of Canada</a>
@@ -30,7 +50,7 @@
 Hence the OpenBSD project has embedded cryptography into numerous places
 in the operating system.  We require that the cryptographic software we
 use be <a href=policy.html>freely available and with good licenses</a>.
-We do not use cryptography with nasty patents.
+We do not directly use cryptography with nasty patents.
 We also require that such software is from countries with useful export
 licenses because we do not wish to break the laws of any country.
 The cryptographic software components which we use currently were
@@ -54,15 +74,10 @@
 cryptography utilized in OpenBSD can be classified into three
 different aspects:<p>
 
-<ul>
-<li><a href=#prng>Pseudo Random Number Generators</a> (PRNG): ARC4, ...
-<li><a href=#hash>Cryptographic Hash Functions</a>: MD5, SHA1, ...
-<li><a href=#trans>Cryptographic Transforms</a>: DES, Blowfish, ...
-</ul>
-
 <p>
 <a name=prng></a>
-<h3><font color=#e00000><strong>Pseudo Random Number Generators</strong></font></h3>
+<li><h3><font color=#e00000><strong>Pseudo Random Number Generators</strong></font></h3><p>
+
 A Pseudo Random Number Generator (PRNG) provides applications with a stream of 
 numbers which have certain important properties for system security:<p>
 
@@ -72,6 +87,7 @@
 <li>The generated numbers should not have repeating patterns which means
 	the PRNG should have a very long cycle length.
 </ul>
+<p>
 
 A PRNG is normally just an algorithm where the same initial starting
 values will yield the same sequence of outputs. On a multiuser
@@ -104,7 +120,8 @@
 
 <p>
 <a name=hash></a>
-<h3><font color=#e00000><strong>Cryptographic Hash Functions</strong></font></h3>
+<li><h3><font color=#e00000><strong>Cryptographic Hash Functions</strong></font></h3><p>
+
 A Hash Function compresses its input data to a string of
 constant size. For a Cryptographic Hash Function it is infeasible to find
 <ul>
@@ -112,6 +129,7 @@
 <li>a different input for a given input with the same output
 	(2nd preimage resistant).
 </ul>
+<p>
 
 In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions,
 e.g.
@@ -131,10 +149,12 @@
     options(4)</a>
 <li>In libssl for digital signing of messages.
 </ul>
+<p>
 
 <p>
 <a name=trans></a>
-<h3><font color=#e00000><strong>Cryptographic Transforms</strong></font></h3>
+<li><h3><font color=#e00000><strong>Cryptographic Transforms</strong></font></h3><p>
+
 Cryptographic Transforms are used to encrypt and decrypt data. These
 are normally used with an encryption key for data encryption and with
 a decryption key for data decryption. The security of a Cryptographic
@@ -167,11 +187,22 @@
 </ul>
 
 <p>
+<a name=people></a>
+<li><h3><font color=#e00000><strong>International Cryptographers Wanted</strong></font></h3><p>
+
+Of course, our project needs people to work on these systems.  If any
+non-American cryptographer who meets the constraints listed earlier is
+interested in helping out with embedded cryptography in OpenBSD,
+please contact us.<p>
+
+</dl>
+
+<p>
 <hr>
 <a href=/index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
 <a href=mailto:www@openbsd.org>www@openbsd.org</a>
 <br>
-<small>$OpenBSD: crypto.html,v 1.31 1999/05/10 16:47:56 aaron Exp $</small>
+<small>$OpenBSD: crypto.html,v 1.32 1999/09/22 05:54:08 deraadt Exp $</small>
 
 </body>
 </html>