[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


starting at section 734.2, we are led to..

>This license exception authorizes exports and reexports of
>operation technology and software; sales technology and software;
>software updates (bug fixes); "mass market" software subject to
>the General Software Note; and unrestricted encryption source
>code.  Note that encryption software is not subject to the
>General Software Note (see paragraph (d)(2) of this section).

ok.. so we can ignore d2.. 

>(d)  General Software Note: "mass market" software
>(2) Software not eligible for this License Exception. This
>License Exception is not available for certain encryption
>software controlled under ECCN 5D002. (Refer to the Cryptography
>Note in Category 5 - part 2 of the Commerce Control List for
>information on Mass Market Encryption commodities and software.
>Also refer to §§742.15(b)(1) and 748.3(b) of the EAR for
>information on item classifications for release from "EI"
>controls and "NS" controls).

"Note that encryption software is NOT subject to the".. above.
so here we are, subparagraph e

>(e) Unrestricted encryption source code
>(1) Encryption source code controlled under ECCN 5D002, which
>would be considered publicly available under §734.3(b)(3) of the
>EAR and which is not subject to an express agreement for the
>payment of a licensing fee or royalty for commercial production
>or sale of any product developed with the source code is released
>from EI controls and may be exported or reexported without review
>under License Exception TSU, provided you have submitted written
>notification to BXA of the Internet location (e.g., URL or
>Internet address) or a copy of the source code by the time of
>export.  Send the notification to BXA at crypt@bxa.doc.gov with a
>copy to ENC Encryption Request Coordinator, or see §740.17(e)(5)
>for the mailing addresses.  Intellectual property protection
>(e.g., copyright, patent or trademark) will not, by itself, be
>construed as an express agreement for the payment of a licensing
>fee or royalty for commercial production or sale of any product
>developed using the source code.
>(2)  Object code resulting from the compiling of source code
>which would be considered publicly available can be exported
>under TSU if the requirements of this section are otherwise met
>and no fee or payment (other than reasonable and customary fees
>for reproduction and distribution) is required for the object
>code.  See §740.17(b)(4)(i) for the treatment of object code
>where a fee or payment is required.

so, i can export/reexport object code, and source code which
is "considered publicly available under 734.3(b)(3)

if you hunt around for where they define publicy available
basically if you dont charge for the code/software except for
"duplication/reproduction/distribution costs", its OK.

>(3) You may not knowingly export or reexport source code or
>products developed with this source code to Cuba, Iran, Iraq,
>Libya, North Korea, Sudan or Syria.
>(4) Posting of the source code or corresponding object code on
>the Internet (e.g., FTP or World Wide Web site) where it may be
>downloaded by anyone would not establish "knowledge" of a
>prohibited export or reexport, including that described in
>paragraph (e)(2) of this section.  In addition, such posting
>would not trigger "red flags" necessitating the affirmative duty
>to inquire under the "Know Your Customer" guidance provided in
>Supplement No. 3 to part 732 of the EAR.

so... its all good.

so, i as a US resident, can upload stuff to non-us
provided I follow the instructions (notifying BXA)

does anyone object if i do this?

personally I am not concerned, I have read the relevant portions of
the EAR, and believe I grok them, and thus am not concerned of
running afoul of the law myself.

I just don't want to get Debian involved.
Personally I do not see how it would be a problem.
As Debian would not be exporting. I would.
i.e. when I upload to pandora.

Brian Russo      <brusso@phys.hawaii.edu>
Debian/GNU Linux <wolfie@debian.org> http://www.debian.org
LPSG "member"    <wolfie@lpsg.org>   http://www.lpsg.org

Reply to: