I've stayed out of this issue for the most part, but I'd like to question you on a couple of these points. I'm not asking you to accept American code (as a Canadian), but I'd like you to prove your stance a bit better. > Code containing contributions from US authors, however slight, is subject > to US export rules forevermore. There is no practical way to free it from > them. Can you cite me some evidence for this? Export is an event, not a status, for the country from which an object was exported. If I purchase a US-made car and the US decides that it is illegal to export vehicles to Canada, they will have no way to get me to send my car back to them, nor will my car become illegal to use in Canada or the US, unless another specific law to that effect were enacted. Also, as a possibility, what if a US citizen were to contribute code to and assign its Copyright to an external export-legal group (like a Canadian organisation)? Would that code's US origin have any future bearing on its use? > There are also some issues of support. One area the recent relaxation of > rules has *not* affected is technical assistance: private correspondence > with foreigners about technical issues of crypto requires case-by-case > prior approval from the government, even if the crypto in question is > freely exportable. Yes, really. This _is_ an issue in my mind. A large issue too. I think, however, were code to be otherwise allowed from US contributors, that it would simply have to be well documented and commented on at the time of contribution, and on a case-by-case basis decide whether it should be accepted or if it would require too much support (a patch vs. a new feature / plug-in). -- Michael T. Babcock http://www.fibrespeed.net/~mbabcock/ Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
