Jeffrey Altman wrote:
>
>
> Also, if you want to get something is writing from BXA itself you
> can request a written opinion from them as to whether or not the
> concerns of the OpenSSL developers are valid. If you have a written
> letter from BXA stating that OpenSSL cannot be affected in the future
> due to source code exported under the current regulations everyone's
> asses should be covered.
>
Well in the past when it comes to the area of future changes in export
regulations things tend to go rather quiet.
If a statement can be obtained stating that once US crypto code or
patches is incorporated in code outside the US it then cannot be
affected by future changes in regulations then that would satisfy me at
least.
The problem is that if large donations of US code become an essential
part of OpenSSL in future and we aren't covered it could kill the
project off or at least require a large amount of extra work to
redevelop the code.
This is admittedly an unlikely possibility but it is sufficiently severe
that it has to be considered.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
