On Sat, 2 Sep 2000, Steven Furlong wrote:
>Gary Jeffers wrote:
>> I was aware that posting binary/executables of crypt code from the
>> U.S. was illegal. Is source posting of crypt from U.S. illegal too?
>That issue is highly contentious. The summary is: encryption is
>considered a munition, and therefore subject to regulation. The Bureau
>of Export Administration (BXA) makes these regulations based on
>guidelines from the Administration, and courts interpret them. Posting
>binaries or source on a web page is considered to be export.
There was a time and not so long ago when it was regulated under
ITAR (for arms trafficking) and people exporting crypto stuff
had to have arms dealer's licenses and get the people they were
exporting it *to* to fill out endless forms and pay stiff fees.
The US has backed away from that rather extreme position, though,
and crypto is now regulated by the board of trade.
I wasn't aware that it was still considered a munition; as I
understood it the current state of the law is that it is legal to
post source for open-source stuff, but you have to first go through
(and pay for) a "technical review" process with the NSA or the FBI.
Bear
