On Tue, 5 Mar 2002, IT3 Stuart Blake Tener, USNR-R wrote:
> Now if you are saying that instead of having the actual
> cryptographic code in the kernel, but merely calls to advantage onesself
> of whatever they had loaded into memory in the way of crytographic code
> via a loadable module then this is indeed a superior methodology and I
> would support its implementation most immediately, though I am
> unfamiliar with the legal aspects of such a scenario or why Linus has
> not contemplated such a scenario in the past.
Certain countries -- most notably the US -- consider any software with a
"crypto-shaped hole" in it to be equivalent to crypto software for
purposes of export controls; the buzzword is "enabling technologies". Any
code that is there solely or primarily to support use of cryptography is
covered. Whether "actual cryptographic code" is included or not does not
make much of a difference to export status.
The only way to avoid this is to provide a more general-purpose interface
that clearly has other uses (i.e., other uses are actually implemented,
not just talked about). That's quite a bit harder to do.
Henry Spencer
henry@spsystems.net
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
