2000-10-31 00:39:43

by H. Peter Anvin

[permalink] [raw]
Subject: kernel.org cryptographic software policy change

Hi everyone,

The U.S. government further liberalized the handling of cryptographic
Open Source software in the new crypto regulations dated 2000-10-19. As
a result, I have consulted with our lawyer and we no longer feel that it
is necessary to require that object code be derived from source code only
available on kernel.org; as long as it is available for free.

Thus, the new kernel.org policy on cryptographic software is:

Cryptographic software may only be uploaded if it is Open Source; and, if
binary, the source code is available on for free via the Internet.

The legal notice w.r.t. encryption software is revised to read as

This site includes publicly available encryption source code which,
together with object code resulting from the compiling of publicly
source code, may be exported from the United States under License
"TSU" pursuant to 15 CFR Section 740.13(e).

This change is effective immediately.


<[email protected]> at work, <[email protected]> in private!
"Unix gives you enough rope to shoot yourself in the foot."