Samba on Linux and LDAP
dshearer at spri.levels.unisa.edu.au
Thu Jun 4 01:59:32 GMT 1998
On Wed, 3 Jun 1998, William Stuart wrote:
> SSL would have to be seperate for a GPL project because the US gov't does
> not issue licenses for source code distributions of crytograpghic
> materials, even those with "legal" key sizes (I think there is an
> exception for password encryption).
This is not the case: all you have to do is make sure the software is
never archived on a site inside the US accessible outside the US and is
never worked on by US developers (or possibly US citizens wanting to live
in the US again - I'm not sure about this though.) This doesn't stop
people in the US importing via ftp and using it. In some circumstances
there is a license fee to pay for free software in use by people in the US
which uses certain algorithms.
You can as I think you are suggesting make 128-bit SSL a separate project,
linking in the libraries. However this too is often illegal for export
under US law, they use the term "crypto with a hole". You'll find some of
these questions discussed at the home of the SSLeay libraries at
www.cryptsoft.com by people who are genuine experts, as opposed to me!
Fortunately a majority of the people in the world don't live in the US.
More information about the samba-technical