Jeff Gehlbach writes:
: -----BEGIN PGP SIGNED MESSAGE----- : : I apologize if this is a dead horse, but... : : Is granting use of crypto software running in the US to a remote user : outside the US considered exportation? For example, if allow my friend in : Paris to use a PGP binary residing and running on my PC in Washington, is : either of us violating any ITAR or similar restrictions?
Nothing about the ITAR is unambiguous, but since what is forbidden is ``exporting'', which includes ``disclosing to foreign persons'', and since use is not forbidden, it is hard to see how what you suggest could violate the ITAR. (And I don't know of any other U.S. law or regulation that it could violate.)
If memory serves, Digital Equipment Corp was obliged to remove a demonstration supercomputer from the net. The argument was that Iraqis could telnet into it (it had free guest accounts) and run nuclear weapons simulations on it. Some of the list members probably remember the details.