Jeffrey Altman wrote:
>
> > Jeffrey Altman wrote:
> > >
> > > > Jeffrey Altman wrote:
> > > > >
> > > > >
> > > > > Also, if you want to get something is writing from BXA itself you
> > > > > can request a written opinion from them as to whether or not the
> > > > > concerns of the OpenSSL developers are valid. If you have a written
> > > > > letter from BXA stating that OpenSSL cannot be affected in the future
> > > > > due to source code exported under the current regulations everyone's
> > > > > asses should be covered.
> > > > >
> > > >
> > > > Well in the past when it comes to the area of future changes in export
> > > > regulations things tend to go rather quiet.
> > >
> > > Let me ask a slightly different question:
> > >
> > > if the U.S. were to change the export laws to state that starting
> > > today that software may no longer be exported from the U.S.; and
> > > that all software currently exported from the U.S. that would no
> > > longer be legal to export could not be used. And assume that
> > > OpenSSL did contain significant amounts of U.S. source code, what
> > > do you really believe the legal affect would be?
> > >
> > > The U.S. can't enforce its laws against non-U.S. citizens or companies
> > > in countries outside the U.S. And even if the OpenSSL developers were
> > > to come to the U.S., what would they be charged with? Violation of an
> > > export law that doesn't apply to them because they are not citizens of
> > > the U.S.?
> >
> > The important issue in this case is the effect it would have on U.S.
> > citizens (and companies).
>
> It can't have any effect on U.S. companies (or citizens). If the
> export laws are changed in the future it won't make a bit of
> difference where the code originated with regards to future exports.
>
> As for the risk of my being prosecuted in the future because I legally
> export some source code today that is prevented by our Constitution.
> Congress may pass no law that would result in past legal actions
> suddenly illegal.
They can pass a law that makes future actions illegal, of course. So,
they can change the _future_ status of OpenSSL, once it has been
"infected".
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe 2000? http://apachecon.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
