From owner-freebsd-hackers@FreeBSD.ORG Wed Oct 22 14:25:09 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F8F1271 for ; Wed, 22 Oct 2014 14:25:09 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 29793F5A for ; Wed, 22 Oct 2014 14:25:08 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBFA1C.dip0.t-ipconnect.de [217.251.250.28]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s9MELbvt037043; Wed, 22 Oct 2014 14:21:38 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s9MEOpp8054456; Wed, 22 Oct 2014 16:24:51 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s9MEOWwT000965; Wed, 22 Oct 2014 16:24:45 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410221424.s9MEOWwT000965@fire.js.berklix.net> To: "Poul-Henning Kamp" Subject: Re: DOC obstructs encryption export again - Non USA crypto base again ? From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Tue, 21 Oct 2014 15:38:28 -0000." <44623.1413905908@critter.freebsd.dk> Date: Wed, 22 Oct 2014 16:24:32 +0200 Cc: freebsd-hackers@freebsd.org X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Oct 2014 14:25:09 -0000 "Poul-Henning Kamp" wrote: > In message <201410211451.s9LEpbEc023384@fire.js.berklix.net>, "Julian H. Stacey > " writes: > > >How can FreeBSD best re-segregate crypto components of its repository again, > >ready to move crypto components outside the USA, as USA DOC imperils again ? > >[...] > > http://www.theregister.co.uk/2014/10/17/intel_subsidiary_crypto_export_fine/ > > "US government fines Intel's Wind River over crypto exports" > > As far as I have been able to uncover, this settlement is about a > commercial closed source component, using specific hardware-crypto-assist, > for which no programming details have been made publically available. > > That means that WR cannot fly under the Wassenaar Arrangement "in the > public domain" carveout, and I guess somebody there overlooked that little > detail. > > We on the other hand make everything we do available, so we're solidly > inside that carveout. > > For details see: bottom of page 3 "GENERAL SOFTWARE NOTE" and > the definition of "in the public domain" at the bottom of page 208 > in this document: > > http://www.wassenaar.org/controllists/2013/WA-LIST%20%2813%29%201/WA-LIST%20%2813%29%201.pdf Thanks for the URL Poul-Henning, For info for others: ] P.3: ] GENERAL SOFTWARE NOTE ] The Lists do not control "software" ] which is any of ] the following: ] ... ] 2. "In the public domain"; or ] ... ] P.208 ] GTN "In the public domain" ] GSN This means "technology" or "software" which has been made available ] ML 22 without restrictions upon ] its further dissemination. ] Note Copyright restrictions do not remove "technology" or "software" ] from being "in the public domain". > In other words Julian: Don't panic. > > Worst case, we'll move the entire svn server out of USA. Good, can relax a bit then, Thanks :-) PS I've since read: http://lists.gnupg.org/pipermail/gnupg-users/2014-October/051182.html > ITAR has a couple > of nice commonsense exceptions. (See, e.g., ITAR 120.10 (5): ITAR "does > not include information concerning general scientific, mathematical, or > engineering principles commonly taught in schools, colleges, and > universities or information in the public domain.") > > Unfortunately, those exceptions aren't enough to save you from really > expensive legal bills. https://en.wikipedia.org/wiki/International_Traffic_in_Arms_Regulations Shows ITAR as USA national regs. I researched the ref. ITAR 120.10 (5) & wrote to gnupg-users@gnupg.org Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative.