Ralf S. Engelschall wrote:
>
> In article <[EMAIL PROTECTED]> you
>wrote:
>
> > I don't understand why US people can't be given access to the source
> > tree.
>
> Sorry for my ignorance, but who said that we cannot give US people access to
> the source tree in general? Sure, we should perhaps make sure they cannot
> commit to the non-documentation stuff (export!), but access to openssl/doc/
> sounds good to me, too.
>
> > Is it because of a desire to "prove" that nobody from the US exported
> > source code? Surely that's (a) too big a hammer (we can, e.g., con-
> > tribute to the ASN1 engine); (b) probably not sufficient proof; and
> > (c) starting down a slippery slope that OpenSSL really should avoid --
> > setting up mechanisms to help "enforce" every participating country's
> > crypto export rules?
>
> IMHO it's ok to not give them access to the non-documentation stuff, because
> this way we don't have to make sure people don't violate their export laws.
I'm totally against this. We have no responsibility to enforce the USG's
stupid export laws, and I see no reason we should take that
responsibility on.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
