[I'm probably repeating myself, but this is for the benefit of debian-legal readers and may help to shorten discussion]
On Tue, Apr 10, 2001 at 16:10:39 +0200, Adrian Bunk wrote: > could someone please tell me if this patch: > - contains any code with legal problems (e.g. patents)? Not that I'm aware of. > - forces the package to go to non-US? It doesn't. It essentially has two parts - hooks to crypto/code to deal with passphrases entered on terminals. These do not force a package to go to non-US. There's precedent in e.g. mutt, whose "mutt-i" package (containing hooks to PGP/GPG) was merged into the main mutt package after a similar discussion quite some time ago. - an implementation of a one-way hash (RIPE-MD 160). It's a one-way hash, not a cipher; as such there is no US export issue that I'm aware of. As for precedents, there's also Debian GNU/Linux 2.2r2 which includes an earlier version of this patch (i.e, without this patch, our next release will be incompatible with the current one as reported in e.g. #36939), and there's the issue that if there were a problem, there'd be a problem with having the diff posted to a mailing list hosted in the US and archived on webservers hosted in the US. Ray -- LEADERSHIP A form of self-preservation exhibited by people with auto- destructive imaginations in order to ensure that when it comes to the crunch it'll be someone else's bones which go crack and not their own. - The Hipcrime Vocab by Chad C. Mulligan