At 7:49 -0800 00/01/13, hal@finney.org wrote:
>Jonathan Shapiro writes:
>> The second question we should be raising is "What about secure operating
>> systems?" Crypto is essentially useless if the end system is insecure.
>> Today, such operating systems are not exportable. The effect of this law is
>> that you can't sell a secure OS to an international corporate customer. An
>> OS you can't sell is pretty useless, so nobody develops them.
>
>With all the talk about crypto I didn't realize that there were
>restrictions on export of secure OS. Can you provide pointers/refs to
>these laws? I am curious to see how they would define a "secure" OS
>since you'd think that every OS is in principle secure in some sense,
>if it weren't full of bugs.
>
>
I don't have the references but I think that problems arrise only if the OS
has an orange book rating. It does sort of mitigate against getting such a
rating.
Norman Hardy <http://www.mediacity.com/~norm>