From owner-cvs-src@FreeBSD.ORG Fri Aug 6 20:48:59 2004 Return-Path: Delivered-To: cvs-src@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0458616A4CE; Fri, 6 Aug 2004 20:48:59 +0000 (GMT) Received: from mx1.originative.co.uk (freebsd.gotadsl.co.uk [81.6.249.198]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42E1F43D55; Fri, 6 Aug 2004 20:48:56 +0000 (GMT) (envelope-from paul@originative.co.uk) Received: from [192.168.7.2] (myrddin [192.168.7.2]) by mx1.originative.co.uk (Postfix) with ESMTP id 8025A15569; Fri, 6 Aug 2004 21:49:08 +0100 (BST) From: Paul Richards To: Colin Percival In-Reply-To: <1091823800.17455.9.camel@myrddin> References: <200408060727.i767R87w004556@repoman.freebsd.org> <1091818349.17455.2.camel@myrddin> <6.1.0.6.1.20040806122530.03d6cb40@popserver.sfu.ca> <1091823800.17455.9.camel@myrddin> Content-Type: text/plain Message-Id: <1091825348.17455.19.camel@myrddin> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Fri, 06 Aug 2004 21:49:08 +0100 Content-Transfer-Encoding: 7bit cc: cvs-src@FreeBSD.org cc: src-committers@FreeBSD.org cc: cvs-all@FreeBSD.org cc: Colin Percival Subject: Re: cvs commit: src/bin/ed Makefile src/gnu/usr.bin/cvs/cvs Makefile src/kerberos5 Makefile.inc src/lib/libfetch Makefile Makefile src/lib/libpam/modules/pam_ksu Makefile ... X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Aug 2004 20:48:59 -0000 On Fri, 2004-08-06 at 21:23, Paul Richards wrote: > On Fri, 2004-08-06 at 20:36, Colin Percival wrote: > > At 11:52 06/08/2004, Paul Richards wrote: > > >On Fri, 2004-08-06 at 08:27, Colin Percival wrote: > > >> Join the 21st century: Cryptography is no longer an optional component > > >> of releases. > > >This might not be as dead an issue as people think. From information > > >I've received recently it seems that exporting crypto from the UK now > > >requires an export license. > > > > When I asked DTI about crypto a couple years ago, their response > > was "it's open source? In that case, go right ahead". Of course, the > > usual caveats about not exporting to embargoed countries and not > > assisting in the production of WMD still apply, but those restrictions > > would apply regardless of whether we ship cryptographic binaries. > > In this case it wasn't open source, it was a commercial product that had > FreeBSD in it, specifically it was "tangible" and that's significant > when interpreting the export rules. > > The following report shows that it's not always the case that exporting > crypto does not require a licence. > > http://rechten.uvt.nl/koops/cryptolaw/cls2.htm Thinking about it, my initial posting might have been misunderstood. It's not an issue for FreeBSD to be distributed as open source with crypto so my comments were not related specifically to the intent of the commit. It doesn't however follow that FreeBSD is always exempt from export controls because it might not be if your exporting it as a product, even if that product is just FreeBSD on a CD. We'll always need to support the ability to build non-crypto releases so that it can be safely embedded in products that don't need crypto without encumbering the end product with a requirement for an export license.