[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Exporting an IPSec implementation



> Does the DoS 40-bit export policy apply to source, or only to
> object?

My experience with the export control people is that they don't like
source exports at all (and they have difficulty understanding the
concept of free software); they consider code which *calls* a
cryptographic API (because it would necessarily have a (possibly
trivial) key management component) to be the "ancillary equipment" (in
the "cryptographic hardware and ancillary equipment") of the ITAR.

					- Bill


Follow-Ups: References: