Eduardo Marcel Macan wrote:
> On Thu, 26 Mar 1998 [EMAIL PROTECTED] wrote:
>
> > I have a product (GPL) which I can't export because it uses encryption
> > software, and I'm a US citizen, and I wrote it in the US.
>
> If you use a library (SSLeay) to perform all the dirty work of encription/
> decription and distribute your software in source form, not including
> the library itself. Is it still ilegal? If not I could provide you with
> a non-us site to store it, if you want.
>
> It's something I always asked myself, because software written using SSLeay
> and distributed without it does not contain any crypto code at all.
> Could some US citizen answer that to me?
>
> Thanks...
I'm a US citizen, but that certainly doesn't qualify me to give an official
answer to this question. I have, however, studied Schneier's book "Applied
Cryptography" and other sources on this problem, and it seems to me that you
are right. If the software does not contain cryptographic algorithms, it cannot
be classified as "munitions", and thus does not fall under the export
restrictions. That's the way I see it, but of course, I don't know what the No
Such Agency would think.
Schneier's approach is excellent. If you buy his book in the US, you get a disk
with all the software on it. If you export the book, you have to be content
with the PRINTED source code, identical to what's on the disk! So, the export
laws are reduced to requiring potential enemies to do a little typing. Go
figure.
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
