[112600] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: Question on export issues

daemon@ATHENA.MIT.EDU (Sidney Markowitz)
Mon Jan 7 09:49:38 2008

Date: Mon, 07 Jan 2008 08:23:34 +1300
From: Sidney Markowitz <sidney@sidney.com>
To: =?UTF-8?B?SXZhbiBLcnN0acSH?= <krstic@solarsail.hcs.harvard.edu>
CC: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <5A428DE9-FC0A-4A08-9FD6-3DB861E0CF77@solarsail.hcs.harvard.edu>

Ivan Krsti? wrote, On 6/1/08 1:33 PM:
> On Jan 3, 2008, at 10:47 PM, Peter Gutmann wrote:
>> That's because there's nothing much to publish:
>> In the US, notify the BIS via email.
> 
> Our outside counsel -- specializing in this area -- thought this was  
> insufficient

That's the problem with using lawyers, they'll always give you a conservative cautious 
answer. Unfortunately for people who don't use them, sometimes those really are the 
correct, prudent answers. When I worked for a company that had to face this we acted 
according to what looked like the plain language documentation from the BIS, concluding 
that use of an existing open source package required just sending an email. We were never 
as high profile as OLPC and in fact never ended up exporting anything, so our 
interpretation of the laws was not only not made by qualified legal counsel, it also was 
never tested.

I do look forwrd to seeing what you discover were the considerations that your outide 
counsel had.

  -- sidney

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post