True. But there's not much you can do about stupid governments, except not voting for them next time.
Doesn't seem to help in the US. :-(
There's a good reason why e.g. mxCrypto was developed outside the US, in fact I wrote that package because I couldn't legally export Andrew's code from the US. OpenSSL itself was developed in large parts in Australia for much the same reason.
The problem is that there needs to be some crypto support so that HTTPS, SMTP over TLS, etc. works if the crypto is available. So, at least the crypto hooks (SSL API) must be there, right?
What would be your suggestions? Would you prefer to go in the direction of my original proposal - only providing a SSL API, but not the implementation?
Yes, that's how the current SSL support works -- you need to link in openssl. --Guido van Rossum (home page: http://www.python.org/~guido/)