cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: ECCN and curl/libcurl

From: Ralph Mitchell <ralphmitchell_at_gmail.com>
Date: Fri, 14 Mar 2008 13:32:12 -0500

On Fri, Mar 14, 2008 at 12:59 PM, Dan Fandrich <dan_at_coneharvesters.com>
wrote:

> On Fri, Mar 14, 2008 at 04:25:28PM +0100, Patrick Monnerat wrote:
> > Politics slang is "scrambled" to me, but I can note this is about using
> > curl/libcurl within arms (or things considered as such): I totally
> > disagree with such a use, but the curl/libcurl license does not ban it.
>
> I don't think that's the question here--the U.S. government until
> recently considered any software that does encryption to BE arms! So,
> exporting libcurl (which allows encrypting data streams) outside the
> U.S.A. was to them equivalent to exporting a Stinger surface-to-air
> missile!
>
> Those rules were changed some years ago to allow exports of encryption
> software, but I don't know what kind of red tape is involved. In any
> case, it's not something that Daniel really needs to worry about (being
> outside the U.S.A.).

I don't think it matters that Daniel is outside the USA - any encryption
code used to be classified as munitions, so *exporting* such code from the
USA required an arms dealers license. And it didn't matter that the code
was already freely available *outside* the USA... A number of people
protested by poking fun at the law by putting a 3 line Perl implementation
of the RSA algorithm on t-shirts and in email signatures, thereby turning
them into munitions. See here:

     http://www.cypherspace.org/adam/rsa/

I think the turning point came in January 2000, as referred to by Phil Karn:

     http://ka9q.net/export/

Ralph Mitchell
Received on 2008-03-14