Joe Orton wrote:
If you think there is some group of users who want to be able to download the "crypto"-enabled httpd tarballs in $BANNEDCOUNTRY but refuse to do so because they don't want to violate US export regulations, then maybe that should be addressed separately.
The group of people who concern me are not those in T-8, they are those who live in jurisdictions where *they* would be breaking local law by possessing crypto. Leave them a) in the backwaters / b) in fear / c) in violation, or give them a silly httpd-2.2.x-no-ssl.tar.gz? The later seems sane to me. This list of countries is rapidly shrinking, but remember even parts of western europe were subject to such laws not 10 years ago.
would the SSL support have to be patched out of ab?
Good point, I don't know that we ever notified BIX of that purpose.
What about the SSL use in the LDAP code?
Good point, I'm certain we didn't notify BIX of that purpose. And while we are at it, mod_ftp in incubation has the same issue with both explicit and implict FTP SSL. And we appreciate your raising these issues, as Roy's working hard to bring us into compliance with -our- relevant regulations, in this case, export controls. Bill
