[6122] in cryptography@c2.net mail archive
Re: draft regulations?
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Tue Nov 23 22:36:32 1999
From: "Steven M. Bellovin" <smb@research.att.com>
To: William Allen Simpson <wsimpson@greendragon.com>
Cc: cryptography@c2.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Tue, 23 Nov 1999 21:44:28 -0500
Message-Id: <19991124024433.4AEBA41F16@SIGABA.research.att.com>
In message <383B35EA.571833AA@greendragon.com>, William Allen Simpson writes:
> Looks like they are reinventing the GPL, except to infect other sources.
>
> (4)(i) for encryption source code (including published source code
> which is subject to proprietary commercial agreements or other
> restriction), any new product developed with this source code must be
> classified by BXA (see paragraph (e) of this section) prior to
> re-export.
>
> A little slap in the face to PGP -- and may make GPG code classifiable.
I was about to make a snide comment that they're just endorsing open source
software -- but is there any definition of "other restriction"? Does the GPL
count? Are they trying to ban any publication of anything that isn't flat-out
public domain? And if something is flat-out public domain, how can the
"exporter" impose the viral restrictions? For that matter, what is "export"?
Posting something to Usenet? Putting it up on a Web page or FTP server? The
act of downloading it?
--Steve Bellovin
