httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: AW: restructuring mod_ssl as an overlay
Date Thu, 08 Jun 2006 13:16:48 GMT
Joe Orton wrote:
> 
> If you think there is some group of users who want to be able to 
> download the "crypto"-enabled httpd tarballs in $BANNEDCOUNTRY but 
> refuse to do so because they don't want to violate US export 
> regulations, then maybe that should be addressed separately.  

The group of people who concern me are not those in T-8, they are those who
live in jurisdictions where *they* would be breaking local law by possessing
crypto.  Leave them a) in the backwaters / b) in fear / c) in violation, or
give them a silly httpd-2.2.x-no-ssl.tar.gz?  The later seems sane to me.

This list of countries is rapidly shrinking, but remember even parts of
western europe were subject to such laws not 10 years ago.

> would the SSL support have to be patched out of ab?  

Good point, I don't know that we ever notified BIX of that purpose.

> What about the SSL use in the LDAP code?

Good point, I'm certain we didn't notify BIX of that purpose.

And while we are at it, mod_ftp in incubation has the same issue with both
explicit and implict FTP SSL.

And we appreciate your raising these issues, as Roy's working hard to bring
us into compliance with -our- relevant regulations, in this case, export
controls.

Bill

Mime
View raw message