[Python-Dev] Future of SSL

[Gerhard Häring]

On Tue, Oct 30, 2001 at 03:07:07PM -0500, Jeremy Hylton wrote:
>   GH> So, as long as there are no actual cryptographic algorithms in
>   GH> the Python source tree, but only hooks for OpenSSL, there's no
>   GH> problem?
> 
> I don't think the export control regs work that way.
> Crypto-with-a-hole (that is, an API without the actual crypto
> implementation) is still considered crypto as far as I know.
> 
> The regulations are pretty simple these days for Open Source projects.
> Just send a note to the BXA (Commerce Dept.) with the URL to the
> source.
> 
> I wonder if it's wise to do this for Python, since it has an SSL
> interface (albeit a clunky one).

Looks like it would (formally) be required, looking thru this text:

http://www.bxa.doc.gov/Encryption/EncryptionRuleOct2K.html

I better stop reading crypo law texts now >:-<

Gerhard
-- 
mail:   gerhard <at> bigfoot <dot> de       registered Linux user #64239
web:    http://www.cs.fhm.edu/~ifw00065/    OpenPGP public key id 86AB43C0
public key fingerprint: DEC1 1D02 5743 1159 CD20  A4B6 7B22 6575 86AB 43C0
reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))