Ivan Krsti? wrote, On 6/1/08 1:33 PM:
On Jan 3, 2008, at 10:47 PM, Peter Gutmann wrote:
That's because there's nothing much to publish:
In the US, notify the BIS via email.

Our outside counsel -- specializing in this area -- thought this was insufficient

That's the problem with using lawyers, they'll always give you a conservative cautious answer. Unfortunately for people who don't use them, sometimes those really are the correct, prudent answers. When I worked for a company that had to face this we acted according to what looked like the plain language documentation from the BIS, concluding that use of an existing open source package required just sending an email. We were never as high profile as OLPC and in fact never ended up exporting anything, so our interpretation of the laws was not only not made by qualified legal counsel, it also was never tested.

I do look forwrd to seeing what you discover were the considerations that your outide counsel had.

 -- sidney

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to