On Sun, Feb 24, 2002 at 10:52:12AM +0100, Florian Lohoff wrote:
> There are multiple issues which dont fit in my picture of Debian. I feel
> that i (although i dont live within the US) will be held responsible
> under US laws (Or if they can not get hold of me the knowingly exporter
> using my infrastructure).
You are, of course, free to feel whatever you want, but in the above
case you're quite simply just being stupid.
First, if you're not exporting from the US, you're not liable under US
export laws. This has absolutely *nothing* to do with you.
Second, the restrictions are mostly nothing that hasn't already been
there. You're basically not actually allowed to export anything to the
T7 countries anyway, whether it be ssh or gnome-freecell. You're also not
required to implement any blocking, or actively go through your log files,
or anything of the sort. As long as you aren't specifically trying to get
embargoed technology into the T7 countries, you're fine. When we said you
might want to implement such measures "as a show of good faith", that's
exactly what we meant: it's the sort of thing you could implement if you
wanted to show Uncle Sam you're with him all the way on the War on Terror.
> My assumption is that the mirrors are a big
> part of debian and if one sees a mirror in the T7 countries the upload to
> incoming can be interpreted as knowingly exporting to emborgoed contries.
Your assumption's wrong. Mirrors are just that: mirrors. Debian runs a
few, and can reasonably be held responsible for those.
> "We recommend that you perform IP checking and deny downloads to known
> embargoed countries."
> This is against any free picture of the world.
Whatever. If the Americans to whom this applies to don't like it, I'm
sure they'll work on lobbying their representatives.
> It means we are shutting down service to people because the US govt.
We're doing no such thing, and if you could possibly wipe away some of
the froth for a moment, you might see that.
If you don't feel comfortable mirroring Debian anymore because you think
you might be held liable for something you don't wish to be held liable
for, feel free not to mirror Debian anymore. That's your choice.
If you're worried that US mirrors or Debian will be held liable for
things, well, be aware that we've had professional legal advice from
a lawyer that specialises in the field that says you're worries are
baseless.
If you'd like Debian to make it as hard for US citizens to get a copy
of ssh as possible just because you can, well, go screw yourself.
Yeesh.
Cheers,
aj
--
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
We came. We Saw. We Conferenced. http://linux.conf.au/
``Debian: giving you the power to shoot yourself in each
toe individually.'' -- with kudos to Greg Lehey
Attachment:
pgpjk8FsZc52O.pgp
Description: PGP signature