Date: Thu, 13 Jan 2000 09:23:55 -0800 From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> To: markm@freebsd.org Cc: security@freebsd.org Subject: We need to do an audit of our "crypto", both current and planned. Message-ID: <95546.947784235@zippy.cdrom.com>
next in thread | raw e-mail | index | archive | help
So that we can obey this clause of the new export agreement: Encryption source code which is available to the public and which is subject to an express agreement for the payment of a licensing fee or royalty for commercial production or sale of any product developed using the source code (such as "community source" code) may be exported under a license exception to any end-user without a technical review. At the time of export, the exporter must submit to the Bureau of Export Administration a copy of the source code, or a written notification of its Internet address. All other source code can be exported after a technical review to any non-government end-user. U.S. exporters may have to provide general information on foreign products developed for commercial sale using commercial source code, but foreign products developed using U.S.-origin source code or toolkits do not require a technical review. E.g. I need to submit a written notification containing the URL pointing to just the crypto stuff we're going to do, including future items like OpenSSH, IPSec, etc. Once that's done, at least as I read this agreement (and have at least 3 times :), we and any mirror site in the U.S. containing the FreeBSD code should be in the clear. I'm also sure that it's possible to read this agreement in such a way that, with sufficient paranoia, one could conclude that nothing had changed and it was all a plot by the space aliens to lend us a false sense of security, but I'd rather not hear those arguments from people right now, I just want to know what we should "declare" as part of this process. :) - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?95546.947784235>