Boost logo

Boost :

Subject: Re: [boost] Questions to help me determine export classification of Boost libraries
From: Rob Stewart (robertstewart_at_[hidden])
Date: 2014-12-20 06:13:54


On December 19, 2014 5:14:43 PM EST, Ben Fritz <benjamin.fritz_at_[hidden]> wrote:
>
>I do not think it is unreasonable to answer the question, "does this
>library contain encryption software?"
>
>I understand my original question may be overly broad as asked. Let me
>try
>to be more specific.
>
>1. Does Boost.ASIO contain any encryption software itself, or does it
>rely
>on OpenSSL for all of its encryption?
>2. Does Boost.UUID contain any code to actually encrypt message
>content, or
>only the code to calculate a hash/digest?
>
>I had hoped, since I am not familiar with the code, that someone could
>say
>"yeah, none of the other libraries contain encryption technology". But
>I
>can see why that would be hard for any one person to answer. Would I be
>better off asking about every library individually?

You will need to ask about each library individually to get the attention you need in each case. The [library] notation in the subject line mentioned at http://www.boost.org/community/policy.html often is used to filter mail from this list.

However, as others have pointed out, there's a problem with understanding what is and isn't encryption, as applicable to the export laws, so any answer you get could be wrong. Thus Karen's advice to hire a consultant to work with a lawyer in order to find any problematic code in Boost seems the only viable option.

___
Rob

(Sent from my portable computation engine)


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk