httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Galbavy <>
Subject Re: SSL ...
Date Mon, 21 Jun 1999 15:07:16 GMT
On Mon, Jun 21, 1999 at 10:43:34AM -0400, Jim Jagielski wrote:
> Well, the best solution would be OpenSSL ( which has
> both Ben and Ralf (and others) as developers. Because of US export
> restrictions, AG really can't "touch" SSL code. There's no
> official recommendation because, well, we can't do that :) :)

Just to clarify, OpenSSL is the continued work from SSLeay, which
*both* SSL packages use as a library. As I understand it, and I am (a)
no legal expert, and (b) outside the US, under old, decrepit and
trade-hindering export controls, it is not only illegal to export
cryptographic technology (which is classed as a munition) but also
systems with the *hooks* in it to enable to easy incorporation or
external crypto-systems.

SSLeay/OpenSSL is the crypto code and mod_ssl/the-other-one (whose
name has just exscaped me - honest) are the "hooks". AFAIK.

I understand that the regulations may have been relaxed over the past
couple of years from the US side, but the law is still the same. This
must be in the documentation somewhere...

But, in this international world of ours (sic), other countries have
their own bizarre laws and regulations. In France it is illegal to use
un-licensed crypto technology (great for supporting e-commerce
****-heads) and here in the UK, there are too many arcane laws that
means that basically the government and the secret services can tell
you whatever they like... the complete lack of a written constitution
can only occasionally be noticed...

Peter Galbavy
Knowledge Matters Ltd

View raw message