[legal] port with restrictive license

Chuck Swiger cswiger at mac.com
Thu Sep 16 21:03:36 UTC 2010


On Sep 16, 2010, at 11:44 AM, Dmitry Marakasov wrote:
> The only thing left that worries me is that US export laws stuff - I
> absolutely don't understand what that means and how we can/cannot
> violate these by mirroring distfiles/packages. For now I've removed all
> mirroring permissions from LICENSE_PERMS for EULA, so this should be
> safe. However, I'd really like that stuff explained by someone so
> mirroring could maybe be reenabled.
> Is I understand, to comply with license, we need to prohibit
> distribution of software into "(or to a national or resident of)
> any country to which the United States has embargoed goods", which
> we likely won't do thus we should not mirror the files.

It generally isn't useful to include specific legal geographical restrictions into the terms of a license which is used world-wide.  US citizens/residents already are obligated to obey US law, just as people elsewhere are obligated to follow their own local laws; a software license doesn't need to mention them any more than it needs to include the Magnuson-Moss  Warranty Act or the US FTC's policies and statutes on "unfair or deceptive acts or practices".

Both the OSI and the FSF/GNU folks recommend against including references to US ITAR export restrictions or similar in licenses.  However, if you want more info, then the US export regulations described as ITAR are documented here:


...but they explicitly do not apply to material which legitimately is in the public domain:

"The controls of this part apply to the export of technical data and the export of classified defense articles.  Information which is in the public domain (see §120.11 of this subchapter and §125.4(b)(13)) is not subject to the controls of this subchapter."

FTP or webservers located in the US which are hosting open-source software generally do not check whether source IPs come from an embargoed country.  On the other hand, Dan Bernstein and Phil Zimmerman/PGP folks ended up fighting protracted legal battles over the issue of publishing cryptographic software....


Disclaimer: I'm not a lawyer, nor will I play one on FreeBSD mailing lists.  :-)

More information about the freebsd-ports mailing list