Re: US Maintainer Putting Package on non-US
* Evan Prodromou <evan@debian.org> [010305 18:46]:
> My problem is that I'm a US citizen. I think, as far as I can tell,
> that it's legal for me to upload this code to a non-US server.
It is, provided you mail a copy of the software or the public address where
you will be posting it to crypt@bxa.doc.gov before you upload. I've proposed
a modification to dupload that would let you automagically send the package
itself to a list of addresses at upload time. (It's too difficult to
reliably tell what the ultimate location is going to end up being due to
mirroring, potential future changes to dinstall, etc.)
> My
> question is: is it OK, Debian-wise? Or must all non-US code be
> uploaded by non-US maintainers?
>
It used to be prohibited for people in the US to upload crypto capable
software to non-us, but I don't think this is the case any longer. Recently,
I've even seen growing consensus that it's OK to upload crypto software to
main provided you make the bxa notification before you upload. Crypto and
crypto hooks already in main includes Netscape 4, mutt, and the soon to be
uploaded Mozilla 0.8 package.
--
Brian Ristuccia
brian@ristuccia.com
bristucc@cs.uml.edu
Reply to: