[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8)
|
From: |
Mark H. Wood |
|
Subject: |
Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8) |
|
Date: |
Tue, 10 Mar 1998 08:07:02 -0500 (EST) |
On Mon, 9 Mar 1998, T.E.Dickey wrote:
> > On Mon, 9 Mar 1998, Philip Webb wrote:
> >
> > > so shouldn't the Lynx development co-operative, as an international effort
> > > working by consensus, find a way for the SSL hooks to be freely available
> > > from some site outside the USA, if possible?
> >
> > Who prosecutes cases of munitions export? Is there actually a human I can
> > ask if distributing lynx w/ssl is ok?
> probably not - the system works by implying a threat to the distributors
> and ftp sites (so that end is self-regulating). On the other end, you'll
> rarely find someone who's both willing to spend the time on something like
> Lynx (where no money is involved), and able to "make" the decision.
My understanding is that the State Department makes up the bad-boys list,
and the Department of Commerce implements that and other regulations by
refusing export licenses for proscribed technology. So Commerce enforces
the law but doesn't write it. And since *national security* is invoked,
the guys who'll come to collect you if you break the law probably aren't
even mentioned in the Federal budget.
> So - unless you got lucky and met the right person, or happened to fall into
> some category that carries you along, it'll take a good bit of work to
> point out the obvious (putting ifdef's in Lynx to make library calls to
> SSLeay doesn't disclose any of the encryption algorithms).
Again, my understanding only -- even putting in "hooks" for encryption is
verboten. The library calls must remain patches, not be absorbed into
the base code, or the whole product is tainted.
If you want a more reliable interpretation, see a lawyer with
import/export experience.
I find the whole thing exasperating too. It's amazing how hard some
people work to avoid understanding the strengths and weaknesses of
technology.
--
Mark H. Wood, Lead System Programmer address@hidden
One more time: a (level-2) switch is a bridge. A "level-3 switch" is
a router. Deal with it.
Re: LYNX-DEV SSL for Lynx 2.8, Nelson Henry Eric, 1998/03/09
- Re: LYNX-DEV SSL for Lynx 2.8, T.E.Dickey, 1998/03/09
- LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8), Philip Webb, 1998/03/09
- Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8), Wayne Buttles, 1998/03/09
- Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8), T.E.Dickey, 1998/03/09
- Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8),
Mark H. Wood <=
- Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8), Larry W. Virden, x2487, 1998/03/10
Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8), Matt Ackeret, 1998/03/09
Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8), David Woolley, 1998/03/11
Re: LYNX-DEV Lynx & US Govt (hooks are munitions?), Al Gilman, 1998/03/10
Re: LYNX-DEV Lynx & US Govt (was SSL for Lynx 2.8), David Woolley, 1998/03/11
Re: LYNX-DEV SSL for Lynx 2.8, Personal, 1998/03/09
Re: LYNX-DEV SSL for Lynx 2.8, T.E.Dickey, 1998/03/11