On Fri, Dec 18, 1998, Magnus Stenman wrote:
> [...various hints...]
Thanks for the various hints on the Wassenaar state.
I'll now include the following entry in the mod_ssl FAQ:
| First, let us explain what <i>Wassenaar</i> and it's <i>Arrangement on
| Export Controls for Conventional Arms and Dual-Use Goods and
| Technologies</i> is: This is a international regime, established 1995, to
| control trade in conventional arms and dual-use goods and technology. It
| replaced the previous <i>CoCom</i> regime. 33 countries are signatories:
| Argentina, Australia, Austria, Belgium, Bulgaria, Canada, Czech Republic,
| Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Japan,
| Luxembourg, Netherlands, New Zealand, Norway, Poland, Portugal, Republic
| of Korea, Romania, Russian Federation, Slovak Republic, Spain, Sweden,
| Switzerland, Turkey, Ukraine, United Kingdom and United States. For more
| details look at <a
| href="http://www.wassenaar.org/">http://www.wassenaar.org/</a>.
|
| <p>
| In short: The aim of the Wassenaar Arrangement is to prevent the build up
| of military capabilities that threaten regional and international security
| and stability. The Wassenaar Arrangement controls the export of
| cryptography as a dual-use good, i.e., one that has both military and
| civilian applications. However, the Wassenaar Arrangement also provides an
| exemption from export controls for mass-market software and free software.
|
| <p>
| In the current Wassenaar ``<i>List of Dual Use Goods and Technologies And
| Munitions</i>'', under ``<i>GENERAL SOFTWARE NOTE</i>'' (GSN) it says
| ``<i>The Lists do not control "software" which is either: 1. [...] 2. "in
| the public domain".</i>'' And under ``<i>DEFINITIONS OF TERMS USED IN
| THESE LISTS</i>'' one can find the definition: ``<i>"In the public
| domain": This means "technology" or "software" which has been made
| available without restrictions upon its further dissemination. N.B.
| Copyright restrictions do not remove "technology" or "software" from being
| "in the public domain".</i>''
|
| <p>
| So, both mod_ssl and SSLeay are ``in the public domain'' for the purposes
| of the Wassenaar Agreement and its ``<i>List of Dual Use Goods and
| Technologies And Munitions List</i>''.
|
| <p>
| Additionally the Wassenaar Agreement itself has no direct consequence for
| exporting cryptography software. What is actually allowed or forbidden to
| be exported from the countries has still to be defined in the local laws
| of each country. And at least according to official press releases from
| the German BMWi (see <a
| href="http://www.bmwi.de/presse/1998/1208prm2.html">here</a>) and the
| Switzerland Bawi (see <a href="http://jya.com/wass-ch.htm">here</a>) there
| will be no forthcoming export restriction for free cryptography software
| for their countries. Remember that mod_ssl is created in Germany and
| distributed from Switzerland.
|
| <p>
| So, mod_ssl and SSLeay are not affected by the Wassenaar Agreement.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
