On 7/4/06, Cliff Schmidt <[EMAIL PROTECTED]> wrote:
I'd like to get an FAQ together that covers the key Q&As that came up during the ApacheCon BOF last week. To aid my memory of the event (wish we would have taken notes during the BOF to go straight to the list), Bill suggested I start with a list of the Q&As that I've had with BIS, many of which came up during the BOF. Please jump in with comments or questions to add. I'll add the result of this thread to the dev/crypto.html page shortly.
Note that this is great stuff, and I think I sort of understand what is being discussed, but for those of us who haven't done ANY sort of research into this stuff, it probably makes sense to start with some sort of summary of what rules we're trying to follow, who makes those rules, what the various acronyms stand for, that sort of thing. For example, you start off throwing about terms like BIS, TSU, etc, but never actually define them. I mean I get the general idea here (we need to notify some government agency before we start distributing crypto code), but it'd be good to get the actual specifics someplace we can expect people to read, before diving into the FAQ. Also, another question I've got is who the point of contact on the notification email should be. Is that the PMC chair? And where does this email get sent to anyway? -garrett (who has not been spending nearly as much time as he should following this thread, and is hoping that Cliff will rescue him with a nice "you need to do this, this, and this to keep us from breaking the law" kind of recipie soon ;-)
