On Aug 4, 1:26pm, Geoff Thorpe wrote:
> Hi there,
>
> Unfortunately the laws governing exports of software from the US are still
> not yet cut-and-dried. If you are sending patches from the US, there's
> unfortunately a very real risk of "contamination" of the code base if we
> incorporate them.
??? The danger, so far as I know, is not to the OpenSSL code
base. It's to the person sending the patches from the US... although
even this may no longer be a problem, given that OpenSSL is
open-source (see http://www.cdt.org/crypto/admin/), so long as the
person providing the patches sends an email to the proper government
types (see http://www.crypto.com/ for one way to do so & make sure
somebody has a record of it).
> We have been obtaining legal opinion on this issue and
> will continue to keep an eye on how things are changing.
Given that I've been working on improvements to EGD and accompanying
changes to openssl (and gnupg), I'll be interested in hearing on this...
Thanks,
-Allen
--
Allen Smith [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
