From: Ben Laurie <[EMAIL PROTECTED]>
ben> It's true. openssl.org belongs to C2, who have been bought by RH.
Ah, OK. I thought C2 just kindly hosted the name service, which would
be different.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \
Richard Levitte - VMS Whacker wrote:
>
> From: amanda <[EMAIL PROTECTED]>
>
> amanda> The domain openssl.org now belongs to a US company (Red Hat),
> amanda> so you could say that the project has already moved, to
> amanda> "enemy" territory!
>
> Say *what*? How about checking the facts before
From: amanda <[EMAIL PROTECTED]>
amanda> The domain openssl.org now belongs to a US company (Red Hat),
amanda> so you could say that the project has already moved, to
amanda> "enemy" territory!
Say *what*? How about checking the facts before you blurt out things
like that?
--
Richard Levitte
> On Sat, Aug 12, 2000 at 12:34:38PM -0400, Jeffrey Altman wrote:
>
> > I definitely do understand this. But since the software was exported
> > from the U.S. without restrictions it is not legal in this country for
> > the government to pass a law to apply retro-active restrictions to
> > that
On Sat, Aug 12, 2000 at 12:34:38PM -0400, Jeffrey Altman wrote:
> I definitely do understand this. But since the software was exported
> from the U.S. without restrictions it is not legal in this country for
> the government to pass a law to apply retro-active restrictions to
> that software lat
> This stuff makes my head hurt, I have to admit. The concern is that
> incorporating exported code makes the whole of OpenSSL subject to EAR
> (which it currently isn't). Currently this means nothing interesting,
> but it isn't clear what it may mean in the future.
I'm sorry, but OpenSSL is subj
Now you're talking about future acts by the UK government. If you are
worried about your own government then you should start preparing for
a physical move to some friendlier (and drier) place. That might not be
such a bad idea, considering recent UK legislation on eavesdropping, but
it has nothin
[EMAIL PROTECTED] wrote:
>
> >As I keep saying, this is not my concern, it is the potential
> >restriction on _future_ use of OpenSSL by U.S. citizens that concerns
> >me.
>
> Could you please explain this? Are you saying that new rules might say
> "and if it had any US source it's doulby-illeg
>As I keep saying, this is not my concern, it is the potential
>restriction on _future_ use of OpenSSL by U.S. citizens that concerns
>me.
Could you please explain this? Are you saying that new rules might say
"and if it had any US source it's doulby-illegal?" I just don't
understand at all how
This should read
U.S. Constitution Article I Section 9
> U.S. Constitution Section 9
>
> "No bill of attainder or ex post facto Law shall be passed."
>
> The government may not pass a law today that changes the rules of
> yesterday.
Jeffrey Altman * Sr.Software De
>
> As I keep saying, this is not my concern, it is the potential
> restriction on _future_ use of OpenSSL by U.S. citizens that concerns
> me.
The U.S. government cannot tell a U.S. company or citizen that it
cannot import OpenSSL. The laws that are being used to control
exports cannot be appl
> They can pass a law that makes future actions illegal, of course. So,
> they can change the _future_ status of OpenSSL, once it has been
> "infected".
>
But how does that affect anyone?
five years ago it was illegal to export OpenSSL after it was imported
into the U.S. I completely agree tha
Rich Salz wrote:
>
> > ??? Crypto export was once legal, surely? If we go back far enough, that
> > is.
>
> Sure. And if you could travel back in time, you could export.
>
> If you did something at time t0 that was legal, and the law was changed at t1
> to make it illegal, then you're okay. A
Jeffrey Altman wrote:
>
> > Jeffrey Altman wrote:
> > >
> > > > Jeffrey Altman wrote:
> > > > >
> > > > >
> > > > > Also, if you want to get something is writing from BXA itself you
> > > > > can request a written opinion from them as to whether or not the
> > > > > concerns of the OpenSSL develo
> ??? Crypto export was once legal, surely? If we go back far enough, that
> is.
Sure. And if you could travel back in time, you could export.
If you did something at time t0 that was legal, and the law was changed at t1
to make it illegal, then you're okay. At t1, you cannot make a law that s
> Jeffrey Altman wrote:
> >
> > > Jeffrey Altman wrote:
> > > >
> > > >
> > > > Also, if you want to get something is writing from BXA itself you
> > > > can request a written opinion from them as to whether or not the
> > > > concerns of the OpenSSL developers are valid. If you have a written
>
Jeffrey Altman wrote:
>
> > Jeffrey Altman wrote:
> > >
> > >
> > > Also, if you want to get something is writing from BXA itself you
> > > can request a written opinion from them as to whether or not the
> > > concerns of the OpenSSL developers are valid. If you have a written
> > > letter from
Rich Salz wrote:
>
> > but the heaviest point is that we can't seem to
> > get any guarantee against effects of future changes of those same
> > regulations.
>
> Perhaps because the illegality of such "retroactive" actions is a fundamental
> part of our legal framework? If it's legal now, it ca
> On Sun, Aug 06, 2000 at 03:24:13PM -0400, Jeffrey Altman wrote:
>
> > And even if the OpenSSL developers were
> > to come to the U.S., what would they be charged with? Violation of an
> > export law that doesn't apply to them because they are not citizens of
> > the U.S.?
>
> The law applies
On Sun, Aug 06, 2000 at 03:24:13PM -0400, Jeffrey Altman wrote:
> And even if the OpenSSL developers were
> to come to the U.S., what would they be charged with? Violation of an
> export law that doesn't apply to them because they are not citizens of
> the U.S.?
The law applies to anyone export
Rich Salz wrote:
>
>
> Perhaps because the illegality of such "retroactive" actions is a fundamental
> part of our legal framework? If it's legal now, it can be illegal later, but
> you can never make a law or ruling that says "what you did before used to be
> okay but now isn't."
>
Well I'm
> but the heaviest point is that we can't seem to
> get any guarantee against effects of future changes of those same
> regulations.
Perhaps because the illegality of such "retroactive" actions is a fundamental
part of our legal framework? If it's legal now, it can be illegal later, but
you can
Jeffrey Altman wrote:
>
>
> Let me ask a slightly different question:
>
> if the U.S. were to change the export laws to state that starting
> today that software may no longer be exported from the U.S.; and
> that all software currently exported from the U.S. that would no
> longer be l
> Jeffrey Altman wrote:
> >
> >
> > Also, if you want to get something is writing from BXA itself you
> > can request a written opinion from them as to whether or not the
> > concerns of the OpenSSL developers are valid. If you have a written
> > letter from BXA stating that OpenSSL cannot be a
Jeffrey Altman wrote:
>
>
> Also, if you want to get something is writing from BXA itself you
> can request a written opinion from them as to whether or not the
> concerns of the OpenSSL developers are valid. If you have a written
> letter from BXA stating that OpenSSL cannot be affected in the
If people are that paranoid, please post a snail mail address to
which U.S. citizens may send patches that have been handwritten on
pieces of paper. I say handwritten because it would be extrememly
difficult for anyone to ever jump to the conclusion that my
handwriting is a machine readable form
From: Geoff Thorpe <[EMAIL PROTECTED]>
geoff> Well, the opinion that has already been obtained, and the
geoff> members of the development team that obtained and discussed it,
geoff> seemed to indicate that the situation was not yet "all clear".
True. The item of unclarity seems to be around "ta
Hi there,
On Fri, 4 Aug 2000, Jeffrey Altman wrote:
> I do not speak for the OpenSSL core team (especially because I am not
> a member of it) but I believe that the opinion voiced below does not
> reflect the opinion of all Core Team members. At least not from the
> conversations that I remembe
Geoff:
I do not speak for the OpenSSL core team (especially because I am not
a member of it) but I believe that the opinion voiced below does not
reflect the opinion of all Core Team members. At least not from the
conversations that I remember from the openssl-dev list that took
place last Feb.
#x27;t be correct/intended, can it? This
may be present in all builds - I don't know - but it is brought to one's
attention during Borland builds and should be corrected in whatever way is
appropriate.
Thanks for considering these bug fixes,
Bill Rebey
PS: (Roaming aliens are a pai
On Aug 4, 1:26pm, Geoff Thorpe wrote:
> Hi there,
>
> Unfortunately the laws governing exports of software from the US are still
> not yet cut-and-dried. If you are sending patches from the US, there's
> unfortunately a very real risk of "contamination" of the code base if we
> incorporate them.
Hi there,
Unfortunately the laws governing exports of software from the US are still
not yet cut-and-dried. If you are sending patches from the US, there's
unfortunately a very real risk of "contamination" of the code base if we
incorporate them. We have been obtaining legal opinion on this issue
32 matches
Mail list logo
