[openssl-users] OpenSSL and sourc'ing countries (was: calloc vs kssl_calloc)

Jakob Bohm jb-openssl at wisemo.com
Mon Oct 3 23:31:23 UTC 2016

On 01/10/2016 23:01, Jeffrey Walton wrote:
>>>> Is there something more I should do on this issue?  I recall the OpenSSL
>>>> terms of use strongly discouraged people from the US from helping, due to US
>>>> export restrictions.
>>> That's kinda outdated.
>> However there are very many OpenSSL users (myself included)
>> who rely on the legal status of OpenSSL/SSLeay as having no
>> US origin parts.  If this has changed, it needs a big red
>> banner at the top of the www.openssl.org, every affected
>> source file with the original EAY copyright boilerplate or
>> its OpenSSL clone etc.
> That's kind of interesting. Are you saying there are countries where
> you can source and import your crypto from some countries, but not
> other countries?
I'm not sure about that either.  Part of my point is that when
*exporting* or *reexporting* products that include OpenSSL code,
the various filings (including DoC/BIS as it happens) tend to
include declarations related to the country of origin of the
cryptographic software.

Therefore (and for other reasons) it is very disconcerting if a
project such as OpenSSL, which is actually famous for its non-US
origin, silently changes its country of origin.

> As I understand the US procedures from working with DoC and BIS, you
> don't need an import license (only an export license). But I'd be
> interested in hearing how some countries are trying to control the
> crypto from the import side of the equation.
> More humorously, does import versus export even matter? The crypto
> genie is out of the bottle. It can't be put back.
Unfortunately, governments tend to disagree, and we can't all
afford to ignore ill-conceived laws.


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list