[CentOS] [CentOS-announce] CentOS Project joins forces with Red Hat

Wed Jan 8 04:15:07 UTC 2014
Robert Moskowitz <rgm at htt-consult.com>

On 01/07/2014 08:38 PM, Stephen Harris wrote:
> On Wed, Jan 08, 2014 at 01:27:49AM +0000, Always Learning wrote:
>> On Tue, 2014-01-07 at 20:14 -0500, Stephen Harris wrote:
>>
>>>    If the software was
>>> subject to EAR then it was subject to it regardless of a web page
>>> stating it.
>> [EAR = USA's Export Administration Regulations]
>>
>> How would a mere downloader from a mirror, or a purchaser of a Centos
>> disk or even a beneficiary of a free Centos disk at a Centos event
>> beware of USA law restrictions and understand the full legal
>> implications of USA law ?
> You're missing the point.
>
> This is not RedHat causing "[t]he compulsory imposition of USA law on
> all Centos downloaders" (your words); that imposition _already existed_
> regardless of a web page telling you.  The difference, now is that
> you're told about it (presumably standard RedHat legal boiler template
> 'cos RH lawyers believe it adds some protection to _them_ - and thus
> the CentOS board - by having it there).
>
> The legal situation for downloaders _has not changed_ by the presence
> of that section on the web site (and the page has even less importance
> considering you can download the DVDs without even having to see that
> page; it's not an agreement you sign or click through).
>
>> Its reminiscent of the PGP farce from nearly 20? years ago.
> It's the same farce.

No.  That was ITAR, and no farce.  ITAR is very proscriptive, and only 
the loophole on printed algorithms allowed PGPv3 to be shipped out 
legally.  It took us some time, but we finally weakened ITAR.  I 
remember well, as I was running the IPsec international interoperablity 
work back then and had a major hand in showing the non-enforceablity of 
ITAR wrt cryptography as munitions.