[Python-Dev] rotor module (exporting encryption)
Neal Norwitz
neal@metaslash.com
Tue, 26 Mar 2002 15:31:26 -0500
"M.-A. Lemburg" wrote:
>
> While discussing the PSF contrib docs with Martin, we came
> across a possible violation of the US export regulations:
>
> According to the BXA web-site, all crypto code with more
> than 56 bit keys, has to be regsitered with the BXA. rotor
> uses 80 bit keys.
>
> > I wrote:
> >
> > > The only thing I was able to find was that mail was supposed to be
> > > sent to: crypt@bxa.doc.gov. I don't know if this is correct or not.
> > > If anyone wants, I can send a message to them asking what needs
> > > to be done?
> >
> > Asking can't hurt.
I take that back, sometimes it can. :-)
I spoke with Lynn Griffin at the BXA about this subject.
She said the only requirement is to fill out this form (I filled
in some of the details):
BEGIN FORM
----------
SUBJECT: ENC NOTIFICATION
SUBMISSION TYPE: ENC
SUBMITTED BY:
SUBMITTED FOR: (company or person exporting the encryption item)
POINT OF CONTACT:
PHONE and/or FAX:
MANUFACTURER: (if relevant)
PRODUCT NAME/MODEL #: Python 2.2
ECCN: 5D002
NOTIFICATION: http://www.python.org
http://python.org/ftp/python/2.2/
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/python/python/dist/src/Modules/rotormodule.c
--------
END FORM
The instructions are available from: http://www.bxa.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html.
The email should be sent to: crypt@bxa.doc.gov.
She also recommended a disclaimer on the website that the software
is exported under US Export laws and can't be exported to the 7-8 countries
or other specifically prohibited individuals.
It seems we should submit this form, but for whom? PSF?
Who should be the point of contact?
Neal