Subject: Re: [boost] Questions to help me determine export classification of Boost libraries
From: Rob Stewart (robertstewart_at_[hidden])
Date: 2014-12-20 06:13:54
On December 19, 2014 5:14:43 PM EST, Ben Fritz <benjamin.fritz_at_[hidden]> wrote:
>I do not think it is unreasonable to answer the question, "does this
>library contain encryption software?"
>I understand my original question may be overly broad as asked. Let me
>to be more specific.
>1. Does Boost.ASIO contain any encryption software itself, or does it
>on OpenSSL for all of its encryption?
>2. Does Boost.UUID contain any code to actually encrypt message
>only the code to calculate a hash/digest?
>I had hoped, since I am not familiar with the code, that someone could
>"yeah, none of the other libraries contain encryption technology". But
>can see why that would be hard for any one person to answer. Would I be
>better off asking about every library individually?
You will need to ask about each library individually to get the attention you need in each case. The [library] notation in the subject line mentioned at http://www.boost.org/community/policy.html often is used to filter mail from this list.
However, as others have pointed out, there's a problem with understanding what is and isn't encryption, as applicable to the export laws, so any answer you get could be wrong. Thus Karen's advice to hire a consultant to work with a lawyer in order to find any problematic code in Boost seems the only viable option.
(Sent from my portable computation engine)
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk