Well, the question becomes: Which government are you trying to work around the restrictions of?
OpenSSL is open-source. In the United States, while it may fall under the export class EI on the CCR, it also falls under export exemption TSU (see http://www.access.gpo.gov/bis/ear/txt/740.txt (section 740.13(e)(1)) and http://www.access.gpo.gov/bis/ear/txt/734.txt (section 734.3(b)(3))). OpenSSL is not US-origin (it is Australia- and United Kingdom-origin), and every new release has had the notification requirement (734.3(e)(3)) met by the release manager. The US was, for a long time, considered the most hard-nosed of the governments as related to cryptography. This changed in 2000. -Kyle H On Thu, Aug 14, 2008 at 8:18 AM, Fred Picher <[EMAIL PROTECTED]> wrote: > Hi, > > Unfortunately this is seemingly the case, as told by actual > gouvernement reps. > > Cheers. > > > --- On Wed, 8/13/08, David Schwartz <[EMAIL PROTECTED]> wrote: > >> From: David Schwartz <[EMAIL PROTECTED]> >> Subject: RE: DES-only OpenSSL version >> To: openssl-users@openssl.org >> Received: Wednesday, August 13, 2008, 10:18 PM >> Fred Picher: >> >> > For export regulations compliance I must dumb down >> OpenSSL to use >> > only DES. And that's only DES, no 3DES ! So I >> got it down to: >> >> Are you sure you aren't trying to comply with ancient >> regulations that no >> longer apply? It's been years since anyone I know of >> has had to dumb their >> products down that far. The United States has largely >> accepted that if US >> firms can't export strong crypto, the 'bad >> guys' will just use crypto from >> other nations or open source products. >> >> DS >> >> >> ______________________________________________________________________ >> OpenSSL Project >> http://www.openssl.org >> User Support Mailing List >> openssl-users@openssl.org >> Automated List Manager >> [EMAIL PROTECTED] > > > __________________________________________________________________ > Ask a question on any topic and get answers from real people. Go to Yahoo! > Answers and share what you know at http://ca.answers.yahoo.com > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
