On Fri, Dec 19, 2014 at 3:30 PM, Rene Rivera
Right. If I compile/link any crypto functionality into software I
then I'm "exporting" it. That's about the extent of my knowledge of
release, this.
As the last paragraph of that blurb suggests.. You should extend your knowledge with the help of a suitably experienced lawyer.
So, my question is: does Boost.ASIO actually contain encryption? Or does it
rely on OpenSSL for all its encryption? If it does depend on OpenSSL, how can I determine whether any OpenSSL functionality has made it into the final *.a or *.lib or *.dylib file?
And, can someone confirm Boost.ASIO is the only library I need to worry about?
Being seriously blunt here.. I would recommend that no one ostensibly representing Boost "confirm" anything. As it would put them, Boost, and
Yes, that is why some experts within the company I work for have created a questionnaire to help determine the final classification. I am currently trying to fill out that questionnaire, but since I have no technical knowledge of the Boost libraries' codebases, I am posting on this list to get the knowledge I need about the libraries themselves. Knowing *what* knowledge I need has already been solved by somebody else. the
SFC in potential legal liability. Sorry if this is the legal world we live
I understand the concern. Before I came to the list I was given guidance that since the "vendor" of the libraries has not provided the ECCN that our company will need to come up with the ECCN on our own based on technical knowledge about the library. Unfortunately, I am not a developer of boost, only a user (and only indirectly at that) and therefore do not have that knowledge myself. I do not think it is unreasonable to answer the question, "does this library contain encryption software?" I understand my original question may be overly broad as asked. Let me try to be more specific. 1. Does Boost.ASIO contain any encryption software itself, or does it rely on OpenSSL for all of its encryption? 2. Does Boost.UUID contain any code to actually encrypt message content, or only the code to calculate a hash/digest? I had hoped, since I am not familiar with the code, that someone could say "yeah, none of the other libraries contain encryption technology". But I can see why that would be hard for any one person to answer. Would I be better off asking about every library individually? -- Ben Fritz