version 1.6, 1998/02/20 21:55:56 |
version 1.7, 1998/02/20 22:05:02 |
|
|
use be <a href=policy.html>freely available and with good licenses</a>. |
use be <a href=policy.html>freely available and with good licenses</a>. |
We do not use cryptography with nasty patents. |
We do not use cryptography with nasty patents. |
We also require that such software is from a countries with useful export |
We also require that such software is from a countries with useful export |
licenses because we do not wish to break the laws of any country. |
licenses because we do not wish to break the laws of any country.<p> |
|
|
|
We use strong and weak crypto in different parts of the system: |
|
|
<ul> |
<ul> |
<li>Strong blowfish based password entries. |
<li>Strong blowfish based password entries with 128-bit salt and a |
|
strength-control mechanism for the system administrator. |
<li>KerberosIV fully integrated. |
<li>KerberosIV fully integrated. |
<li>IPSEC with 10+ ciphers integrated into the OS. |
<li>IPSEC with 10+ ciphers integrated into the OS. |
<li>IPSEC Photuris daemon |
<li>The IPSEC Photuris daemon. |
<li>Strong random number components used in numerous places. |
<li>Strong random number components are used in numerous places. |
<li>All the normal DES code in libc, where it belongs. |
<li>All the normal DES code is in libc (where it belongs). |
|
<li>DNS id pseudo-randomization. |
<li>(What have I missed?) |
<li>(What have I missed?) |
</ul> |
</ul> |
<p> |
<p> |
|
|
When we make OpenBSD releases or snapshots we do our build processes |
When we make OpenBSD releases or snapshots we do our build processes |
in free countries to assure that the sources and binaries we provide |
in free countries to assure that the sources and binaries we provide |
to users are free of tainting.<p> |
to users are free of tainting. In the past our release binary builds |
|
have been done in Canada, Sweden, and Germany.<p> |
|
|
<hr> |
<hr> |
<font size="-1"> |
<font size="-1"> |