This is a discussion on Re: ECCN & TSU exception for OpenSSL? - Openssl ; On 3/7/06, Dr. Uwe Girlich wrote: > Hello! > > On Tue, Mar 07, 2006 at 06:13:22AM -0700, Kyle Hamilton wrote: > > PLEASE NOTE: I am not a lawyer. If you need the opinion of one, ask on= e. ...
On 3/7/06, Dr. Uwe Girlich
> On Tue, Mar 07, 2006 at 06:13:22AM -0700, Kyle Hamilton wrote:
> > PLEASE NOTE: I am not a lawyer. If you need the opinion of one, ask on=
> I asked one of the export experts of Siemens.
Cool. Just tell the export experts to read the EAR 740-13(e), and
have them follow the steps there.
> > However, a clear reading appears to state that you just have to
> > send a copy of the source code (or a URL to obtain the source code) to
> > firstname.lastname@example.org and email@example.com. Please see Export Administration
> > Regulations Section 740-13(e), and
> > http://bxa.doc.gov/encryption/PubAva...odeNofify.html
> I know this but reading the mailing list archive of firstname.lastname@example.org=
> it looks like some members of the OpenSSL community already did this and
> I hoped to simply get the CCATS number of a release.
> Obviously we can also send emails to email@example.com and firstname.lastname@example.org wi=
> the OpenSSL source code we use for our product but I thought it would be =
> to have this handled centrally and only once.
Since the project is hosted and completely maintained outside the US,
there's no reason for the project administrators to go through the
hassle. You might as well just send the source you're using to those
email addresses, and claim it as exempt under TSU. (If you want to
see about a preexisting CCATS number, you might want to try
http://bxa.fedworld.gov/ -- but access demands a fee.)
> > Its ECCN would normally be 5D002, but since it's publicly-available
> > source code it is under exemption TSU, provided the notification
> > requirements are met. Or so it reads to me.
If you've modified it at all, you need to submit the source to the
email addresses above. (It'd be nice if you'd also send patches here,
so the developers can integrate them.) However, if you're using a
stock configuration, the URL to obtain source has already been
OpenSSL Project http://www.openssl.org
Development Mailing List email@example.com
Automated List Manager firstname.lastname@example.org