Re: SSH .deb files

[cjw44@cam.ac.uk (Colin Watson)]

d.wright@open.ac.uk (David Wright) wrote:
>Quoting Colin Watson (cjw44@cam.ac.uk):
>> glen@gomotech.com (Glen S Mehn) wrote:
>[...]
>> > ... Ssh uses cryptography that you
>> >technically have to license in the US to use, so it's a "non-US"
>> >package.
>> 
>> With the slink version that's true, but that really makes it non-free
>> rather than non-US. potato now has OpenSSH, which doesn't suffer from
>> this problem.
>> 
>> The non-US problem is that US law prohibits software containing strong
>> encryption from being exported from the United States; it therefore has
>> to be placed on a mirror outside the United States for people to
>> download. (Importing it into the US is OK.)
>
>If ssh were non-free, and I were to download it from a site in the US,
>then I would've broken the law, wouldn't I? Whereas, because it's non-US,
>I can't find it on any US site, so I can't accidently break the law.
>Right?
>
>Does OpenSSH not suffer from this problem as well? Does it contain
>strong encryption or not?

I'm sorry, that was bad phrasing on my part. What I was trying to say is
that OpenSSH doesn't suffer from the licensing problem, so it's no
longer non-free. However, the old ssh package was non-US/non-free, and
OpenSSH is still a non-US package, as it still contains strong
encryption.

-- 
Colin Watson                                           [cjw44@cam.ac.uk]
Trinity College, Cambridge, and Computer Science         [riva.ucam.org]