Subject: RE: Question on OSD #5
From: "Lawrence Rosen" <lrosen@rosenlaw.com>
Date: Fri, 23 Nov 2007 15:04:30 -0800

Ben Tilly wrote:
> Not so fast.  There is plenty of open source encryption software that
> by US state classification is not allowed to be exported to a specific
> list of countries.  (Perhaps that is "was".  I haven't kept up on the
> issue.)  But nobody argues that those pieces of software are not open
> source.

Three comments about this:

1. Open Source Software Institute (OSSI, http://www.oss-institute.org/) has
been instrumental in obtaining US DoD approval for OpenSSL, a general
purpose cryptographic library that works on all important platforms and is
open source. [1] John Weathersby, executive director of OSSI, is copied on
this email; he can answer your questions about that. There are open source
alternatives for encryption.

2. Other than certain kinds of encryption software, I believe that US law
allows open source software to be freely exported anywhere in the world.
Perhaps the relevant government agencies have concluded that it is simply
impossible to stop open source software from proliferating. :-) Furthermore,
because it is open source, the US government is free to use it, examine it,
and perhaps take emergency action if open source software were being used
dangerously. That is one advantage we have over proprietary software.

3. Although I am a lawyer, I am only vaguely familiar with the complex
specialty of US export laws. Do not take this email as legal advice, and do
not assume it is even correct on the law. Perhaps a real expert will speak
up here....

/Larry

[1]
http://www.oss-institute.org/index.php?option=com_content&task=blogcategory&
id=84&Itemid=123 



> -----Original Message-----
> From: Ben Tilly [mailto:btilly@gmail.com]
> Sent: Friday, November 23, 2007 2:18 PM
> To: Chris Travers
> Cc: License Discuss
> Subject: Re: Question on OSD #5
> 
> On Nov 23, 2007 1:58 PM, Chris Travers <chris.travers@gmail.com> wrote:
> > On Nov 23, 2007 11:09 AM, Ben Tilly <btilly@gmail.com> wrote:
> >
> > > The best known piece of software to successfully sneak out of a
> > > classified project in a high security facility is Perl.  Opinions
> > > differ on whether this was a good or bad thing. :-)
> >
> > IANAL....
[LR:] <snip>