Re: us crypto export regulations
"Pat" <email@example.com> wrote in message
[🔎] firstname.lastname@example.org">news:[🔎] email@example.com...
How would the US export restrictions be applicable to a custom debian
cdrom? The cdrom would have no additional crypto functionality than
what is already available in debian and there would be no changes to
the source code, so how would it apply regarding distributing isos?
How are these export restrictions applicable to mirroring Debian? Is there
anything additional I need to do or is it covered by Debian as it is
I am not a lawyer, so this is not legal advice. I am not a Debian Developer,
and this is in no way an official statement of the project.
Based on http://www.debian.org/legal/cryptoinmain which was written by a
"Only one notification for one U.S. site is required; no separate
notification is required for mirror sites inside or outside the U.S. This
notification would only have to be updated if you added a new program
So assuming that the laywer was correct (and it seems likely, more below),
you should be fine. (Unless the law has changed, but i have not heard of any
Apparently Debian has been used by the government as an example of the right
way to do things (see
http://lists.debian.org/debian-project/2005/08/msg00018.html), so it seems
safe to assume that the lawyer was correct.