I received a phone call today from a lady with the U.S. Bureau of Export Administration (BXA) who'd read my AEScrypt page (the URL of which I'd submitted to them for an export license exemption as required by U.S. . . .

I received a phone call today from a lady with the U.S. Bureau of Export Administration (BXA) who'd read my AEScrypt page (the URL of which I'd submitted to them for an export license exemption as required by U.S. export regulations). aescrypt is of course Open Source. She wished to remind me that any application built using Open Source encryption components had to also be submitted to the BXA for the proper export license or license exemption if the application was to be exported. The export license for the component covers only the component, not applications that use the component. The fact that the component itself is Open Source and thus may be freely exported does not matter.

Hopefully this reminder will prevent problems on the part of those who use AEScrypt or other Open Source encryption components as part of a larger application.

-Eric

The link for this article located at LinuxToday/Eric Green is no longer available.