On Wed, Feb 3, 2021 at 11:13 AM Niels Möller <[email protected]> wrote: > ... > I've had look at the terms and conditions, > http://security.marist.edu/LinuxOne/TC.PDF. Most of it looks very > reasonable, but there are a few items that I find a bit unclear: > > 9. [...] You agree to obey all relevant New York State and US laws, > including all export controls laws. > > My understanding is that US export control laws don't apply to FOSS > software (and that's why, e.g., Debian no longer have special non-us > mirrors for distributing cryptographic software). But I don't know the > details, and if there really isn't a problem, why is it mentioned > explicitly in the terms and conditions?
IBM is a US company. It has to comply with the export laws. For an open source project you have to email the encryption coordinator (the NSA) with a link to the project's website and source files. Also see https://www.eff.org/deeplinks/2019/08/us-export-controls-and-published-encryption-source-code-explained. Jeff _______________________________________________ nettle-bugs mailing list [email protected] http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
