"GH" == haering python <Gerhard> writes:
GH> On Mon, Oct 29, 2001 at 08:06:28AM -0500, Guido van Rossum GH> wrote:
[me, in response to a remark from Marc-André] What would be your suggestions? Would you prefer to go in the direction of my original proposal - only providing a SSL API, but not the implementation?
Yes, that's how the current SSL support works -- you need to link in openssl.
GH> So, as long as there are no actual cryptographic algorithms in GH> the Python source tree, but only hooks for OpenSSL, there's no GH> problem? I don't think the export control regs work that way. Crypto-with-a-hole (that is, an API without the actual crypto implementation) is still considered crypto as far as I know. The regulations are pretty simple these days for Open Source projects. Just send a note to the BXA (Commerce Dept.) with the URL to the source. I wonder if it's wise to do this for Python, since it has an SSL interface (albeit a clunky one). Jeremy