export restrictions in EULA

[Alan Cox]

On Wed, Jan 31, 2007 at 03:18:00PM -0500, Michel Salim wrote:
> >curiosity how is that being enforced on the Fedora infrastructure end,
> >and how is that restriction handling passed to mirrors?  Is each
> >mirror required to implement their own set of restrictions?  Does a
> >Fedora mirror server in Canada (or some other non-restricted country)
> >sidestep that issue?  If so, doesn't that basically make the EULA
> >clause moot (from a once the dam is broken kinda perspective)?

With my Red Hat firmly *off* I can perhaps comment on the situation a little.

US companies and citizens are in the rather peculiar state of actually being
forbidden from dealing with some countries or even visiting certain of them
(as opposed to merely being forbidden to deal commercially with or sell
"dual use" products to them). Cuba is one of these for rather political 
reasons. As a US company Red Hat is obliged to follow US law, ditto US 
citizens.

In other jurisdictions the laws vary - restrictions like the US one are 
very rare but some countries do count crypto as stuff not to be shipped to
their particular list of "rogue states". So if you run a mirror check the
local law.

In other states you may actually be committing an offence if you enforce the
US regulations, as it falls under various kinds of "racial discrimination"
laws.

And Canada has its own collection of laws to do with Cuba designed to maximally
screw up any attempt by the USA to enforce US law on Canadian companies. Not
sure how that affects Canadian mirrors.

Every piece of software has ugly corners people prefer not to touch or look
into, export law often seems to be one of the legal equivalents because it
used as a political tool.

Alan