[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-gnulib] Crypto modules
|
From: |
Bruno Haible |
|
Subject: |
Re: [bug-gnulib] Crypto modules |
|
Date: |
Wed, 24 Nov 2004 14:34:46 +0100 |
|
User-agent: |
KMail/1.5 |
Simon Josefsson wrote:
> Savannah has a FAQ regarding crypto code:
> https://savannah.gnu.org/faq/?question=Is_there_any_restriction_on_cryptographic_software.txt
> I'm not sure how problematic the code would be in
> practice.
>
> What do you think of this?
When you look at "License Exception: TSU" in
http://www.bxa.doc.gov/Encryption/lechart1_Sec508.htm
you see that code under this regulation must not be copied from the US to
Iran and a few other countries. Furthermore the US government can add other
countries to this list arbitrarily.
It is illogical to work on free software, and promote it with the argument
"it's good for poor countries, because they can deploy it widely without
needing to pay royalties to anyone", while at the same time refusing to
let Iranian people in Iran use it.
Since the code you are talking about originates from a non-US site
(http://www.lysator.liu.se/~nisse/nettle, as you pointed out), and since
from your name I guess you are in a European country, not in the US,
the code is currently not subject to US Export regulations, but would
be if you put it into a CVS server located in the US.
Therefore I would suggest to put it into a CVS server outside the US.
Of course you are welcome to use the same structure as gnulib, or
maybe even make it an extension of gnulib.
For the choice of the facility, maybe you can ask the FSF Europe
(fsfeurope.org) or Werner Koch (he certainly knows about these issues
since he works on GPG from Germany).
Bruno