Hi. I am a novice Debian package maintainer, in the queue for becoming an official developer. I am maintaining a package called althea, which is an IMAP email client for GTK+. They have recently added support for SSL through linking to libssl (from OpenSSL). This is configurable based on the values of a couple variables in the Makefile. I have a couple of questions: 1) I live in the US. Therefore, do I have to send a BXA notification to the government (I believe license exception TSU is applicable - correct me if I'm wrong)? Also, do I have to do their thing that they mention on their website about sending a message to the ENC Classification Review Coordinator (or, something like that) in addition to crypto@bxa.doc.gov, and if so, how do I do that? Also, is a BXA notification form sufficient to export binary .debs linked with libssl? Would anyone be able to export them, including other US mirror sites, so long as I provide an export of the same stuff that I notify the BXA about? 2) Do the binary .debs go in non-US? What about the Debian source files? If I make additional non-ssl .debs from the same source, would they be in non-US or not? Also, to the people on -mentors, how would I do this? (I am somewhat new to Debian packages.) I know this is a big message, but I very much appreciate any replies that you would be kind enough to give. Please CC on your replies; I am not subscribed to -legal (though I just got through reading your riveting discussion regarding Sergio Brandano's request on the archives :), and even though I am subscribed to -mentors, that mail gets ferreted away by procmail into a separate box and I would like to see this thread in my main inbox. Thank you all. - Jimmy Kaplowitz jimmy@kaplowitz.org - soon, hopefully, jimmy@debian.org :-)
Attachment:
pgpY5ttYmU_0i.pgp
Description: PGP signature