The Hermit Hacker <scrappy@hub.org> writes:
> Being a Canadian based project, like OpenBSD, I do not believe that these
> issues apply ...
If we had to do it that way we could, but I'd just as soon not create
any questions for US mirror sites.
> even FreeBSD, based in California, appears to be getting
> around them now ... something about making you download rsaref seperately,
Yes, I think this is the cleanest current answer: you can connect to a
separately-distributed crypto engine and then it's not your problem.
MD5 (or SHA1 if people like that better) isn't a crypto engine according
to the rules, so including that in our distribution is a non-issue,
but a reversible encryptor might be an issue.
regards, tom lane