[Python-Dev] Future of SSL

[Jeremy Hylton]

>>>>> "GH" =3D=3D haering python <Gerhard> writes:

  GH> On Mon, Oct 29, 2001 at 08:06:28AM -0500, Guido van Rossum
  GH> wrote:
  >> > [me, in response to a remark from Marc-Andr=E9] What would be
  >> > your suggestions? Would you prefer to go in the direction of my
  >> > original proposal - only providing a SSL API, but not the
  >> > implementation?
  >>
  >> Yes, that's how the current SSL support works -- you need to link
  >> in openssl.

  GH> So, as long as there are no actual cryptographic algorithms in
  GH> the Python source tree, but only hooks for OpenSSL, there's no
  GH> problem?

I don't think the export control regs work that way.
Crypto-with-a-hole (that is, an API without the actual crypto
implementation) is still considered crypto as far as I know.

The regulations are pretty simple these days for Open Source projects.
Just send a note to the BXA (Commerce Dept.) with the URL to the
source.

I wonder if it's wise to do this for Python, since it has an SSL
interface (albeit a clunky one).

Jeremy