[Cryptography] What should I put in notifications to NSA?

Kevin W. Wall kevin.w.wall at gmail.com
Sat Dec 19 17:39:54 EST 2015


On Fri, Dec 18, 2015 at 1:14 PM, The Doctor <drwho at virtadpt.net> wrote:
>
> On Thu, 17 Dec 2015 18:01:35 -0500
> Collin Anderson <collin at averysmallbird.com> wrote:
>
> > I am not confident that distinction exists according to the EAR. I believe
>
> Our legal representation's opinion was that it was sufficient for us to be
> compliant with EAR due to the necessary paperwork having already been filed.
> We experienced no blowback or difficulties, consequently.

But could that be that while Project Byzantium _used_ OpenSSL, it did
not package up OpenSSL as part of it's distribution (including being
statically compiled against OpenSSL)?

I would think in such cases there would be no issue since you not actually
delivering any crypto to anyone yourself.

-kevin
-- 
Blog: http://off-the-wall-security.blogspot.com/
NSA: All your crypto bit are belong to us.


More information about the cryptography mailing list