Re: exporting NTP from the US

alan.kiecker wrote:
Thanks, Harlan.

We are planning on using the NTP package that Meinberg has available
for Windows. Many of our customers isolate their private networks from
the Internet making it difficult for them to download the package so we
are planning on making it available to them on our own release media.

I'm puzzled by this. If they isolate their networks how are they
expecting to use NTP?

This in effect would make us an exporter, and consequently my
questions.

The package as downloaded from Meinberg includes both the SSLeay32.dll
and libeay32.dll libraries.

NTP only needs libeay32.dll so I think they made a mistake in including
SSLeay32.dll.

The following FAQ

http://www.columbia.edu/~ariel/ssleay/ssleay-legal-faq.html

mentions some ITAR issues concerning SSL but does not really go into
details. I am assuming that these two libraries, which are used by
NTP, contain the encryption algorithms that are of concern. Since the
API of these libraries is well documented on the Internet, anyone would
be able to make use of the encryption algorithms once they have the
libraries.


You can view the function calls by running depends.exe on the dll which
will tell you what functions can be called inside the DLL.

The OpenSSL project is developed outside of the US in order to get
around these laws and the source code is available everywhere so these
laws and regulations have no real practical effect except to reduce the
ability of American companies to compete in this market. That doesn't
help you of course, but that's the reality. You can of course get a
subsidiary outside the US obtain and ship the software, particularly as
Meinberg is a German company and not a US one, though I don't know if
the regulations also prevent that. As usual consult a lawyer.

What I can tell you is that BIND also uses OpenSSL and vendors ship that
everywhere. So if Unisys ships BIND then if can mostly like ship NTP as
well under the same conditions.

Danny

_______________________________________________
questions mailing list
questions@xxxxxxxxxxxxxxxxx
https://lists.ntp.isc.org/mailman/listinfo/questions

.

Relevant Pages

  • Re: Windows timekeeping - sudden degradation- why?
    ... Eugen COCA wrote: ... Copy over the ntp directory and restart the NTP ... I actually just installed Meinberg 1370 release onto a completely separate ... described (except I used the graphical Services manager). ...
    (comp.protocols.time.ntp)
  • Re: exporting NTP from the US
    ... The package as downloaded from Meinberg includes both the SSLeay32.dll ... I am assuming that these two libraries, ... NTP, contain the encryption algorithms that are of concern. ... API of these libraries is well documented on the Internet, ...
    (comp.protocols.time.ntp)
  • RE: NTP MD5
    ... There is nothing wrong with NTP software package. ... >> I am testing authentication with ntp-4.2.0. ... > Are you sure you are using that version and not the RedHat version? ...
    (comp.protocols.time.ntp)
  • Re: Starting NTP server: ntpd/usr/sbin/ntpd: invalid option -- p
    ... to have ntp, and that package was removed but not purged, the init ... This means the init files are still ... What you want to to next, probably, is decide which package ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: NTP Daemon
    ... I believe it's now called just `ntp'. ... The functionality that used to be offered by ntpdate[*] has been subsumed into the ntp package by adding the "-g" option to the ntpd daemon. ... The ntpdate package will do a one-time adjustment at bootup, and the ntp-simple package will keep the clock in sync on a long-term basis after bootup. ... does a one-time adjustment of the system clock, usually at system startup --- that works regardless of how far off the system clock is. ...
    (Debian-User)