On Fri, Mar 09, 2001 at 06:04:59PM -0700, John Galt wrote:
>
> This issue has been done to death. Basically, there's a notification
> requirement in the BXA rules. Nobody that can do it wants to, and nobody
> that wants to do it can.
yes, there's a notification requirement. i pointed that out in the message
you quoted (btw, there was no need to quote the entire message for a 3 line
reply):
> >as i understand the new (actually year old) US crypto rules, for open
> >source / public domain / free software programs, all you have to do
> >is notify the US government that you're exporting it and tell them
> >where/how.
> >
> > [...rules excerpt deleted...]
> >
> >an update in October 2000 clarified the matter even further, points out
> >that the exemption also covers binaries compiled from open source, and
> >even provides an email address to send the written notifications to:
> >
> > [...upate excerpt deleted...]
> >
> >that's a pretty clear statement that it's OK to export open source
> >crypto just by notifying the US government in writing.
what's the problem? this is a minor annoyance, not a show-stopper.
ok, it's not perfect but it's doable. it could even be automated...it
would be trivial to add an optional "Crypto-Notification: yes" flag
to the debian/control file which could be read by dinstall to send an
automated notification whenever a new crypto package is uploaded. it would
be up to the maintainer to add the control line.
alternatively, we're only talking about a couple of dozen crypto
packages so it's probably simpler to just maintain a text file list
of crypto packages - dinstall could read that and send a notification
message whenever a notifiable package is uploaded. creation of new
crypto packages would have to be co-ordinated with whoever maintains
that list....that's not a lot of work.
for fun (and the chance to win an all expenses paid vacation to a
maximum security cell block), the script could sign the notificiation
message as "Mr T. Errorist, Libya" :-)
craig
--
craig sanders <[EMAIL PROTECTED]>
GnuPG Key: 1024D/CD5626F0
Key fingerprint: 9674 7EE2 4AC6 F5EF 3C57 52C3 EC32 6810 CD56 26F0
