alan.kiecker wrote:
Thanks, Harlan.
We are planning on using the NTP package that Meinberg has available
for Windows. Many of our customers isolate their private networks from
the Internet making it difficult for them to download the package so we
are planning on making it available to them on our own release media.
This in effect would make us an exporter, and consequently my
questions.
Ouch!
The package as downloaded from Meinberg includes both the SSLeay32.dll
and libeay32.dll libraries. The following FAQ
http://www.columbia.edu/~ariel/ssleay/ssleay-legal-faq.html
mentions some ITAR issues concerning SSL but does not really go into
details. I am assuming that these two libraries, which are used by
NTP, contain the encryption algorithms that are of concern. Since the
API of these libraries is well documented on the Internet, anyone would
be able to make use of the encryption algorithms once they have the
libraries.
Any advice would be appreciated.
My considered advice is this:
Simply forget about it!
The source code is freely available, everywhere, including those states
that the US classified as 'The Axis of Evil' once upon a time, and so
are compilers capable of regenerating the binaries.
At this point the theoretical possibility of using Unisys media as way
to get access to SSL libraries, and then use them for terrorist activity
seems quite farfetched to me.
Terje
OTOH, I'm not a US citizen, so I'm not bound by what I consider to be a
particularly stupid US law. :-)
Thanks.
-- al
--
- <[EMAIL PROTECTED]>
"almost all programming can be viewed as an exercise in caching"
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions
