Jeffrey Altman wrote:
> Calling OpenSSL (or any other API that encrypts messages) is
> "crypto with a hole". This is illegal to export from the United
> States.
Realy? Do you explicitly call any non-export algortihm?
I could understand Kerberos, where DES was called,
so DES calls had to be removed, but your case looks different...
BTW: If you're right then any software using Microsoft
CryptoAPI breaks EAR regulations.
Regards,
Mike
----
Michal Trojnara * +48 501 00 12 43
IT Security Officer * PTK Centertel
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
