Depending on non-US libs

To: debian-devel@lists.debian.org
Subject: Depending on non-US libs
From: Matt Zimmerman <mdz@debian.org>
Date: Sat, 26 Jan 2002 18:05:33 -0500
Message-id: <[🔎] 20020126230533.GK757@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org

As I understand it, software which links with crypto libs must (still) be
uploaded to non-US.  I have packaged the ARIS Extractor from SecurityFocus,
which links with libcurl to perform an HTTPS POST request.  Though it seems
to run fine with non-SSL libcurl, it cannot fulfill its intended purpose
without SSL support.

Should I:

1. Leave the dependencies as determined by the shlibs file from libcurl,
   which says that either libcurl or libcurl-ssl is OK, and upload to main.
   There is nothing in ARIS Extractor which could even be considered a hook
   to something definitively cryptographic, so this should be legal, yes?
   Of course, the software would not be useful without libcurl-ssl, and that
   is undesirable.

2. Depend on libcurl-ssl only and upload to non-US.  Is this legal? (I am in
   the US, but ARIS Extractor contains no crypto)

3. Hand off the package to someone in the free world

?

-- 
 - mdz

Reply to:

Follow-Ups:
- Re: Bug#128666: Depending on non-US libs
  - From: Adam Majer <adamm@galacticasoftware.com>

Prev by Date: Re: Xconq has a lot of bugs
Next by Date: Re: debian on distrowatch
Previous by thread: Re: Spam (Re: Urgent Investment)
Next by thread: Re: Bug#128666: Depending on non-US libs
Index(es):
- Date
- Thread