Gary Jeffers wrote:
> I was aware that posting binary/executables of crypt code from the
> U.S. was illegal. Is source posting of crypt from U.S. illegal too?
That issue is highly contentious. The summary is: encryption is
considered a munition, and therefore subject to regulation. The Bureau
of Export Administration (BXA) makes these regulations based on
guidelines from the Administration, and courts interpret them. Posting
binaries or source on a web page is considered to be export.
There have been several court cases in the past few years regarding
"export" of encryption source code. See _Bernstein vs. Dep't of
Justice_ and _Junger vs. Daley_.
I posted the literate source for an RC4 program to help Junger's case.
<<begin quoted material>>
As the President has made clear, encryption software is
regulated because it has the technical capacity to encrypt data and
by that jeopardize American security interests, not because of its
expressive content. Exec. Order No. 13026, 1996 WL 666563. The
regulatory distinction between encryption software and other types of
software does not turn on the content of ideas. Instead, it turns on
the ability of encryption software to actually do the function of
encrypting data.
That the Export Regulations are not directed at the content of ideas
is further suggested because the Export Regulations do not attempt to
restrict the free flow of public information and ideas about
cryptography. Publicly available information that can be used to design
or operate encryption products is not subject to the Export Regulations
and may be freely exported. 15 C.F.R. 734.3(b)(3).
<<end quoted material>>
I have no idea what the correct means is of citing to a case found on a
web site, so I'll just give the URL:
http://samsara.law.cwru.edu/comp_law/jvd/pdj11.html
page 24.
By contrast, in _Bernstein_ the trial court judge, Marilyn Hall
Patel, held that the restrictions on source code constituted prior
restraint on free speech. This decision was affirmed by a panel of the
Ninth Circuit court. Since _Junger_ and _Bernstein_ were in different
circuits, the only court that can resolve the dispute is the US
Supreme Court.
After _Bernstein_ was upheld by the Ninth Circuit, the Clinton
Administration changed the guidelines they gave BXA. This represented
a considerable loosening of the regulations on strong encryption, but
didn't provide relief for free software. Furthermore, the
Administration "clarified" some points a few months ago, which was in
effect a tightening of the regulations. And there it stands.
--
Steve Furlong, Computer Condottiere Have GNU, will travel
518-374-4720 [EMAIL PROTECTED]
