[Cryptography] What should I put in notifications to NSA?
The Doctor
drwho at virtadpt.net
Mon Dec 21 13:51:00 EST 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Sat, 19 Dec 2015 17:39:54 -0500
"Kevin W. Wall" <kevin.w.wall at gmail.com> wrote:
> But could that be that while Project Byzantium _used_ OpenSSL, it did
> not package up OpenSSL as part of it's distribution (including being
> statically compiled against OpenSSL)?
That is absolutely correct.
The reason we asked legal counsel for guidance is because none of us are lawyers. Due to the fact that we linked a bunch of stuff against OpenSSL, and would be distributing a Linux distribution that incorporated OpenSSL on an international basis, we wanted to avoid as much legal trouble as possible. To put it another way, we didn't want to risk going to jail because we did not carry out due dilligence.
> I would think in such cases there would be no issue since you not actually
> delivering any crypto to anyone yourself.
You would think that; we mostly thought that. But 'think' and 'legal experts say $foo' are two different things.
tl;dr - We aren't lawyers, so we asked a lawyer who knew the ins and outs of this area of law.
- --
The Doctor [412/724/301/703/415] [ZS]
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
"I am not an atomic playboy!" --Future Crew, _Second Reality_
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWeEoUAAoJED1np1pUQ8RkSjAP/j+nq4qK9ppIpUcr0x8hldRM
L36/jEHbWAWmiXBOR3XhfFZ7sWLvUM35VpbTSaVFNbG1x7Zop+1X33hpk7qKcpSN
UqplseXm1t0J/YIopG04nYgJhP67MzDTfM4j8E8LMoUa363tf1nGw0ryuDvFkr7O
3KtwBvlKjfoc3MWIHMqlxymhchncjuCxXvSsWXThS6ASXwD5y5uNTfRW1B+ziBM/
e78A+6KBZ672zzL9rb7hiSnARRlAXYKhHFI2+BRcSh0qcX/zoMySI6W7q5jjJtxr
1B5V2myBuNsGfvnh45YPmdKmeJBjVQbUm1KgL7Ek/VP/ZnMfR+kGXfSANgGhQazk
2GwuxZ3wO/AYKVG7tnvXUnMppBY2pyeNFaVlXCwYeqj2zmXmf7utO6CH8U+TqqCV
hfLSyDEN9V2xU5LPySHeBETLggFg6U/42hFWZRf1qudnFEIfhMxi5RbpOak64InO
1sEgpjBfbv+TqC8cziis0VHEMQDSOby2USilPnFH8gzy4wnqjTmxHfXF0+m2IhYH
JSVreC/vwDAvwXkV80EQ5ttCa5WW4cN37fuSxBFCFQ+BroYljqejfWhblOdsdUi3
G3KHcSQJaxGDzO9vFFQJaWWFUvvriO3IVEFTp1dogxHRQfCqrnDdWpXzoqWs1GZL
calysP7R9mGTd9sr/WLd
=vXwI
-----END PGP SIGNATURE-----
More information about the cryptography
mailing list