on Wed, Aug 06, 2003 at 07:13:34AM -0400, James M. Nugent (JamesMNugent@covad.net) wrote: > Hello, > > I work with a non-profit in N. Virginia (Computer CORE) that provides > refurbished computers to low-income adults and other non-profits that > use them for various applications. We're currently working with a > church group that wants to distribute out old P-I systems to Liberia. > Normally we would have them buy $5 versions of Win 98 which we would > install on the systems, but they're not in a position to spend the > $160 to do this. We're trying to find a version of Linux that we could > install, but we are being told that we can't export systems with > current encryption. Do you have a version of Linux with 56-bit > encryption that we could obtain? This is my understanding of latest crypto regs. The situation is fluid, and since Sept. 11, 2001, the environment in the US is changing somewhat. To the best of my knowledge it's accurate. The US Department of Commerce regulates cryptography export. The current regulations are detailed at: http://www.bxa.doc.gov/Encryption/ http://www.bxa.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html (yes, it's "Nofify", not "Notify". Security through obscurity?) For "publicly available" encryption source code, the requirement is notification of intent to export. This notification can be provided by email, and in fact both instructions and links for doing so are provided at the second link above. This is sufficient to allow export of publicly available encryption products, in both source and object versions: Encryption source code that would be considered publicly available is eligible for this provision of License Exception TSU even if it is subject to an express agreement for the payment of a license fee or royalty for commercial production or sale of any product developed using the source code. Corresponding object code resulting from the compiling of such source code is also eligible for License Exception TSU if it is also made publicly available. IANAL, TINLA, YADA. Peace. -- Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? Ceterum censeo, Caldera delenda est. SCO vs IBM Linux lawsuit info: http://sco.iwethey.org
Attachment:
pgpdcsYyi4nSb.pgp
Description: PGP signature