Re: WARNING: Crypto software to be included into main Debian distribution

To: hartmans@debian.org
Cc: flo@rfc822.org, debian-legal@lists.debian.org
Subject: Re: WARNING: Crypto software to be included into main Debian distribution
From: Walter Landry <wlandry@ucsd.edu>
Date: Sun, 24 Feb 2002 18:59:53 -0800 (PST)
Message-id: <[🔎] 20020224.185953.108735782.wlandry@ucsd.edu>
In-reply-to: <[🔎] tsld6ywt0x1.fsf@tir-na-nogth.mit.edu>
References: <[🔎] 87pu2wc98k.fsf@tacitus.systems> <[🔎] 20020223192423.GB18791@paradigm.rfc822.org> <[🔎] tsld6ywt0x1.fsf@tir-na-nogth.mit.edu>

Sam Hartman <hartmans@debian.org> wrote:
> [CC trimmed.]
> 
> >>>>> "Florian" == Florian Lohoff <flo@rfc822.org> writes:
> 
>     Florian> Sorry - that is simply not true - As an effect of the
>     Florian> laws the fact that i knowingly export non-us to "t7"
>     Florian> countries now has no effect. Germany=20 has no laws on
>     Florian> this. If we have the new crypt-in-main my export might
>     Florian> fall back to the original uploader of the package as
>     Florian> he/she/it is knowingly multi-step exporting packages to
>     Florian> t7 countries.
> 
> Except of course that multi-step exporting is legal.  Well, is likely
> to be legal in most cases.  If I'm operating a US mirror, and you tell
> me that you're copying my mirror outside the US for the explicit
> purpose of making it available to T7, then I might care.

I'm not so sure that multi-step exporting is legal, at least of the
kind that Florian is discussing.  In this case, if there is a mirror
in a T7, a developer sets a command in motion that sends the data
through many different countries but definitely ends up in a T7
country.  How is this different from using an ftp connection to send
data through many different countries to a T7 country?  Isn't that
what the Internet does all of the time?  Considering that a judge has
ruling that *linking* is the same as providing the software, I don't
consider this an unlikely legal conclusion.

The difference that most people seem to be arguing here is that
uploading something to Debian doesn't automatically cause the stuff to
be exported to a T7.  Currently, it doesn't, because we don't have any
mirrors (at least official ones) in one of these countries.  So no
developer is knowingly exporting to a T7.  It might eventually end up
there, but I agree that the current law covers us.

However, does that mean that if someone from Cuba wants to set up an
official mirror, we have to tell them no?  I don't think that you
could argue, at that point, that people don't know about the export.
Perhaps, for the greater good, Debian has decided that volunteers from
those countries can not help Debian.  That decision has not been made
apparent, though.  I think that a number of people outside the US (and
many inside as well) would balk at this kind of decision.

In any case, I don't think that Florian is worried about his own
personal safety.  Florian is worried about a US developer that gets in
trouble because no one outside of the US is doing reverse IP lookups
or any other due diligence.  The legal advice specifically advised
Debian to do this kind of thing.

Regards,
Walter Landry
wlandry@ucsd.edu

Reply to:

Follow-Ups:
- Re: WARNING: Crypto software to be included into main Debian distribution
  - From: Anthony Towns <aj@azure.humbug.org.au>

References:
- Re: WARNING: Crypto software to be included into main Debian distribution
  - From: James Troup <james@nocrew.org>
- Re: WARNING: Crypto software to be included into main Debian distribution
  - From: Florian Lohoff <flo@rfc822.org>
- Re: WARNING: Crypto software to be included into main Debian distribution
  - From: Sam Hartman <hartmans@debian.org>

Prev by Date: Re: Requesting help with non-GPL MySQL license
Next by Date: Re: WARNING: Crypto software to be included into main Debian distribution
Previous by thread: Re: WARNING: Crypto software to be included into main Debian distribution
Next by thread: Re: WARNING: Crypto software to be included into main Debian distribution
Index(es):
- Date
- Thread