Re: LYNX-DEV How do I get https to work?

[Subir Grewal]

On Wed, 9 Apr 1997, Michael Ritzert wrote:

:   There is an SSL enabled Lynx available from
:
:          ftp://shadow.cabi.net/pub/Linux
:
:Do You really believe rpm is the appropriate standard for
:distributions? Only redhat has it on their CDs. tar.gz would be more
:appropriate, zip and zoo, too.

Okay, this thing has come up before so I should answer it.  Almost
everyone in the Linux community agrees that the redhat package manager is
a great idea.  Yes, it is not the ideal distribution method for software
like Lynx.  The only reason I mentioned it was because it's the only site
I know of that distributes a SSL enabled Lynx.  When you do it any other
way (ask Fote, get Tom's patches/proxy) you have to know what you're
doing.

:Is it a violation to US export laws to download this file from a
:german site?

No.  There are no laws restricting the import of cryptographic software.
There are laws restricting re-export.  (makes you wonder who's making
these things up).

:2. The ssl code has to be re-implemented on the base of libraries freely
:available outside the US. Such libs exist, don't they?

Not the point.  Tom's proxy is based on SSLeay, freely available SSL
library developed and maintained by Australians.  It's still not
exportable because the hooks were written by Tom, a US resident in the US
at the time.  The only way we could have a copy of crypto software
developed by a US resident outside the US without someone breaking a US
export law was if we were to sponsor a trip for the developer, send them
to the Bahamas maybe, where they could write everything.  That still does
not mean the code is exportable.  What the US (and other governments) want
to do is isolate the development of cryptographic tools, hamper the
development of an international community of cryptographers from working
together. 

:2.a. It would be great if there was an open standardized interface
:between the ssl code which would make it as easy as possible to adapt
:the stuff to the other free browsers, notably mMosaic, chimera 2.x,
:arena  and mnemonic (if the latter will evolve from it present
:discussion state to some runnable code).

As Tom wrote a while ago, it's unclear whether the hooks themselves can be
exported.  Never assume the EAR (nee ITAR) was developed by rational
beings.  It was developed and is enforced by people, organizations,
structures within society that _will_ use any excuse to attain their
objectives because they firmly believe _they_ _are_ _right_.  These are
the fundamentalists wee should be afraid of.

Unfortunately, I can't resist from making political statements when
writing on this topic.  It's not a good idea for me to do this on
Lynx-Dev.  If you'd like to carry on a private conversation, I'd be more
than glad to oblige, we could perhaps post a summary on Lynx-Dev if
anyone's interested.

address@hidden  *  Lynx 2.7.1  *  PGP  *  http://www.crl.com/~subir/
Clothes make the man.  Naked people have little or no influence on
society.
                -- Mark Twain


;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;