Re: [Eben Moglen ] Re: US crypto export restrictionsand GNU (fwd)

Thu, 16 Mar 2000 10:45:44 -0800 

jean-marc.desperrier> Indeed. 
jean-marc.desperrier> If some code in open source project has been
jean-marc.desperrier> developed in the USA, then we must keep a trace
jean-marc.desperrier> of where it is to be able to remove it later in
jean-marc.desperrier> case the regulation in the US become more
jean-marc.desperrier> restrictive. 
jean-marc.desperrier> 
jean-marc.desperrier> So it does not propagate in the meaning that the
jean-marc.desperrier> european code never becomes unexportable, but in
jean-marc.desperrier> order to take advantage of that, we need to be
jean-marc.desperrier> able to "clean" it and remove all the american
jean-marc.desperrier> code in it at the moment we need to.

I asked Eben to clarify exactly that.  This was his response:

Return-Path: <push>
Return-Path: [EMAIL PROTECTED]
Received: from old.law.columbia.edu ([EMAIL PROTECTED] [128.59.176.134])
        by brev.stacken.kth.se (8.9.3/8.9.3) with SMTP id TAA02117
        for <[EMAIL PROTECTED]>; Thu, 16 Mar 2000 19:13:13 +0100 (MET)
Received: from eben  by old.law.columbia.edu
        with local id 12Velj-0003Vc-00; Thu, 16 Mar 2000 13:13:11 -0500
MIME-Version: 1.0
In-Reply-To: Richard Levitte - VMS Whacker's message of Thu, 16 Mar 2000 09:39:43 +0100
      <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
        <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: [Eben Moglen <[EMAIL PROTECTED]>] Re: US crypto export restrictionsand 
GNU (fwd)
From: Eben Moglen <[EMAIL PROTECTED]>
To: Richard Levitte - VMS Whacker <[EMAIL PROTECTED]>
Date: Thu, 16 Mar 2000 13:13:11 -0500

On Thu, 16 March 2000, Richard Levitte - VMS Whacker wrote:

  Hello Eben,
  
  I'm one of the OpenSSL deevelopers, and I'm personally very grateful
  that you came out and set the record straight for us all, as I'm sure
  basically everyone you've reached is.  Thank you.
  
  Now, there's a lieelt thing I want to make sure I got right.  My
  english is not always that good, so I just want to tell you how I
  interpreted what you wrote below, and all I want to know is if my
  interpretation was correct or not:
  
  moglen> [...].  In the worst case analysis, components exported
  moglen> now might subsequently become non-exportable in the event that
  moglen> regulations in the US become more restrictive.  No one would be
  moglen> subject to prosecution or interference as a result of export occurring
  moglen> before the change in regulations (that's a matter of constitutional
  moglen> law in the US), but all subsequent development of those components
  moglen> would then have to occur somewhere other than here.  No code not
  moglen> originally developed in the US would be subject to this tightened
  moglen> regulatory environment, unless such code were "in" the US, in which
  moglen> case the particular copy that was "in" the US wouldn't be able to
  moglen> leave again--a restriction which makes no difference.
  
  I interpret it as this: if we insert a piece of US-originated code
  into OpenSSL today, or receive something from the US today that we
  plan to insert into OpenSSL the day after tomorrow, and the
  regulations are changed to something restrictive tomorrow, we're safe
  and don't have to remove that code from OpenSSL.
  
  Correct or not?  I'm under the interpretation that it is correct, but
  I've had discussions with people that are paranoid around this
  scenario.

Correct.  What's exported will stay exported.  Further development of
such code might have to occur outside the US, but no code will have to
be removed.

Best regards.

-- 
 Eben Moglen                       voice: 212-854-8382 
 Professor of Law & Legal History    fax: 212-854-7946        moglen@
 Columbia Law School, 435 West 116th Street, NYC 10027      columbia.edu
 General Counsel, Free Software Foundation   http://emoglen.law.columbia.edu
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to