>>> Is there something more I should do on this issue? I recall the OpenSSL >>> terms of use strongly discouraged people from the US from helping, due to US >>> export restrictions. >> >> That's kinda outdated. > > However there are very many OpenSSL users (myself included) > who rely on the legal status of OpenSSL/SSLeay as having no > US origin parts. If this has changed, it needs a big red > banner at the top of the www.openssl.org, every affected > source file with the original EAY copyright boilerplate or > its OpenSSL clone etc. That's kind of interesting. Are you saying there are countries where you can source and import your crypto from some countries, but not other countries? As I understand the US procedures from working with DoC and BIS, you don't need an import license (only an export license). But I'd be interested in hearing how some countries are trying to control the crypto from the import side of the equation. More humorously, does import versus export even matter? The crypto genie is out of the bottle. It can't be put back. Jeff
