On Mon, 30 Jun 1997, Alan wrote:
> > How can one remotely manage firewalls that are on the other side of the world?
> If you have SSH or some other form of encryption/authentication between
> machines, then you should be able to maintain the firewall without too
> many problems. (Some sort of token-based authorization system or Public
> Key system would be a big plus and/or requirement in such a system.)
But it might be difficult to get SSH or other form of encryption on
that machine on the other side of the world if your side happens to lie
in the U.S.
Not to start a wandering and unrelated thread (hint hint), but I've
wondered how the law would apply if I were to log in to a machine in,
say, our company's Frankfurt office via the corporate WAN and built and
installed SSH on that machine while sitting in our U.S. office. Would
my work in doing the installation be considered exporting the encryption
in some manner, even if the software didn't get on the machine from or
through the U.S.? Of course, it reasons (if that word can be applied
to U.S. encryption policy) that I'd be on much shakier ground if the
SSH code from a site in Finland or Australia got on the German machine
via the company's Internet connection in the U.S.
On a tenuously related note, does anyone know whether China's ban on
the use of encryption now extends to Hong Kong?