Why do we ship cryptography?
In three words: because we can.
The OpenBSD project is based in Canada.
The Export Control List of Canada
places no significant restriction on the export of
cryptographic software, and is even more explicit about the free
export of freely-available cryptographic software. Marc Plumb has
done
some research to test the cryptographic laws.
Hence the OpenBSD project has embedded cryptography into numerous places
in the operating system. We require that the cryptographic software we
use be freely available and with good licenses.
We do not directly use cryptography with nasty patents.
We also require that such software is from countries with useful export
licenses because we do not wish to break the laws of any country.
OpenBSD was the first operating system to ship with an IPsec stack.
We've been including IPsec since the OpenBSD 2.1 release in 1997.
OpenSSH
As of the 2.6 release, OpenBSD contains
OpenSSH, an absolutely free and
patent unencumbered version of ssh.
OpenSSH interoperated with ssh
version 1 and had many added features,
-
all components of a restrictive nature (i.e., patents, see
ssl(8))
had been directly removed from the source code; any licensed or
patented components used external libraries.
-
had been updated to support ssh protocol 1.5.
-
supported one-time password authentication with
skey(1).
Roughly said, we took a free license release of ssh, OpenBSD-ifyed it.
About a year later, we extended OpenSSH to also do SSH 2 protocol, the
result being support for all 3 major SSH protocols: 1.3, 1.5, 2.0.
International Cryptographers Wanted
Of course, our project needs people to work on these systems. If any
non-American cryptographer who meets the constraints listed earlier is
interested in helping out with embedded cryptography in OpenBSD,
please contact us.
Further Reading
A number of papers have been written by OpenBSD team members, about
cryptographic changes they have done in OpenBSD. The postscript
versions of these documents are available as follows.
- A Future-Adaptable Password Scheme.
Usenix 1999,
by Niels Provos,
David Mazieres.
paper and
slides.
- Cryptography in OpenBSD: An Overview.
Usenix 1999,
by Theo de Raadt,
Niklas Hallqvist,
Artur Grabowski,
Angelos D. Keromytis,
Niels Provos.
paper and
slides.
- Implementing Internet Key Exchange (IKE).
Usenix 2000,
by Niklas Hallqvist and
Angelos D. Keromytis.
paper and
slides.
- Encrypting Virtual Memory.
Usenix Security 2000,
Niels Provos.
paper and
slides.
- The Design of the OpenBSD Cryptographic Framework.
Usenix 2003, by
Angelos D. Keromytis,
Jason L. Wright, and
Theo de Raadt.
paper.
- Cryptography As an Operating System Service: A Case Study.
ACM Transactions on Computer Systems,
February 2006, by
Angelos D. Keromytis,
Jason L. Wright, and
Theo de Raadt.
paper.
¡®Yes, sir. I felt sure you understood that. She said she had told you.¡¯ "Why, eh,--I--I don't know that my movements need have anything to do with his. Yours, of course,--" "Ah, but if it saved your life!" "No, I'm not," grumbled the Doctor, "I've had enough of this wild-goose chase. And besides, it's nearly dinner time." "I am coming to that," Lawrence said, lighting a fresh cigarette. "As soon as Bruce was in trouble and the plot began to reel off I saw that it was mine. Of course there were large varyings in the details, but the scheme was mine. It was even laid on the same spot as my skeleton story. When I grasped that, I knew quite well that somebody must have stolen my plot." Judy In a coach-house, through which we passed on our way to see the prince's favourite horses with the state carriages¡ªquite commonplace and comfortable, and made at Palitana¡ªwas a chigram,[Pg 68] off which its silk cover was lifted; it was painted bright red and spangled with twinkling copper nails. This carriage, which is hermetically closed when the Ranee goes out in it, was lined with cloth-of-gold patterned with Gohel Sheri's initials within a horseshoe: a little hand-glass on one of the cushions, two boxes of chased silver, the curtains and hangings redolent of otto of roses. "Are you certain of it? You have seen so very little of him, and you may be mistaken." "And your wife?" "I drawed on my man's bundle o' wood," said Gid, "and then dropped a little, so's to git him where he was biggest and make sure o' him." HoME²¨¶àÒ°½áÒÂ×óÏßÊÓƵ
ENTER NUMBET 0016www.lzczjc.com.cn
www.jwshwr.com.cn
fbbbkt.com.cn
micao.net.cn
lhxinyida.org.cn
knwjbr.com.cn
ssddgo.com.cn
www.newlvjie.com.cn
pqlepz.com.cn
www.woooyoo.net.cn