For people who don't know, he's referring to a scheme where someone in the
U.S. would export cryptography software to someone in Canada, who would
then turn around and re-export the software to the rest of the world.
This won't work; a U.S. resident who exports crypto to Canada with the
intention of having someone in Canada re-export the software WILL be
prosecutable in the U.S. Big Brother is watching!
For any cryptography to be integrated into the mainline Linux kernel, the
cryptography will have to be implemented outside the U.S., and the kernel
will have to be maintained from outsided the U.S. Unless the cryptography
is usable only for authentication. Additionally, once crypto gets into the
mainline kernel, the kernel will not be re-exportable from the U.S.
This is certainly one interpretation of the U.S. Export laws. Other
people have made other interpretations. Unless someone is a real
lawyer, and is willing to render a real Legal Opinion, people playing
net.lawyer is probably not a productive use of the linux-kernel channel.
- Ted