Bug 1165035 - Fedora license mentions obsolete EAR regulations
Summary: Fedora license mentions obsolete EAR regulations
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: distribution
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Václav Pavlín
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: FE-Legal
TreeView+ depends on / blocked
 
Reported: 2014-11-18 07:59 UTC by Yuhong Bao
Modified: 2015-11-03 09:26 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-11-03 09:26:02 UTC


Attachments (Terms of Use)

Description Yuhong Bao 2014-11-18 07:59:21 UTC
From https://fedoraproject.org/wiki/Legal/Licenses/LicenseAgreement20 :
"5.  EXPORT CONTROL.  By downloading Fedora software, you 
acknowledge that you understand all of the following: Fedora 
software and technical information may be subject to the U.S. Export 
Administration Regulations (the “EAR”) and other U.S. and foreign 
laws and may not be exported, re-exported or transferred (a) to any 
country listed in Country Group E:1 in Supplement No. 1 to part 740 
of the EAR (currently, Cuba, Iran, North Korea, Sudan & Syria); (b) 
to any prohibited destination or to any end user who has been 
prohibited from participating in U.S. export transactions by any 
federal agency of the U.S. government; or (c) for use in connection 
with the design, development or production of nuclear, chemical or 
biological weapons, or rocket systems, space launch vehicles, or 
sounding rockets, or unmanned air vehicle systems. You may not 
download Fedora software or technical information if you are 
located in one of these countries or otherwise subject to these 
restrictions. You may not provide Fedora software or technical 
information to individuals or entities located in one of these 
countries or otherwise subject to these restrictions. You are also 
responsible for compliance with foreign law requirements applicable 
to the import, export and use of Fedora software and technical 
information. "
This is probably now obsolete with US export restriction changes in 2011:
https://www.federalregister.gov/articles/2011/01/07/2010-32803/publicly-available-mass-market-encryption-software-and-other-specified-publicly-available-encryption

Comment 1 Jaroslav Reznik 2015-03-03 16:30:44 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22

Comment 2 Jon Disnard 2015-04-07 22:43:51 UTC
This should probably go through Red Hat legal, I'm not a lawyer, and this is not legal advice.

So after spending time reading through the regulations, it is my opinion that Fedora may want to amend the export language to include a line about having a TSU exception, with ECCN 5D002. Basicly publicly available cryptographic software contained in Fedora is not regulated anymore.

For an example of this see the Yocto project [1] export compliance page. A simple one liner on the bottom appears to be the main difference.

https://www.yoctoproject.org/tools-resources/export-compliance

Comment 3 Tom "spot" Callaway 2015-11-03 09:26:02 UTC
The EAR language is correct. Fedora is ECCN 5D002, with a TSU exception, and we have been for quite some time. We keep that information here:

https://fedoraproject.org/wiki/Legal:Export


Note You need to log in before you can comment on or make changes to this bug.