...

[using inline images to display theoretically ITAR violating gifs]

Inline images are not references -- they are part of the page being retrieved.

...

<img src="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif"> So that the image is *imported* by the *viewer*, and not supplied by www.obscura.

I would advise him to edit the page so it reads

Click <A HREF="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif">here to see a picture of the shirt.

I wrote the page, Lance kindly provided www space which I set up, he's seen it, and thought it funny even. Sounds like you seriously think this is a danger to Lance, something I hoped I avoided by using an inline from outside the ITAR zone.

Inlined images are just a convenient way of chunking. The image is imported by the viewer because the server, as part of the base document, told it to do so. You might be able to fool an ignorant court, but it still doesn't change the fact that Lance has a document that in the natural course of operation of the Web, exports crypto.

Weeell, I'm not so sure. I mean the page says to view this page first get this picture from here, this one from here, this text, format and display. It is not illegal to say *where* to get crypto, just illegal to export it, right? He hasn't exported it, just told the viewer where to fetch it from. I think this case is safer than the porn one, because the actual data in this case is legal in both jurisdictions, it just must not be transferred from jurisdiction US -> jurisdiction non-US, which it has not been. If it were something which where illegal in the US, hmm, lets say an image of a slightly underage (underage under US definitions, not dutch) dutch porn star, then having links to it might be argued as incitement to view something which it would be illegal to view in the US, something which is effectively illegal to import into the US. I would agree with you were the information imported by way of an inline image actually illegal in the US, as the person loading would have no choice. In such a case a disclaimer might be appropriate: warning, it may be illegal to import the following link into the US, I will not be responsible if you are in the US and click on this link But what is there to disclaim with inline data which is itself legal in both jurisdictions, and the only legal question being the transfer of that data from US -> UK, which the protocol ensures does not happen? Browser in the US, text in US, crypto gif imported from UK, both legal. Browser outside US, text in US, crypto gif imported from UK, both legal. See a flaw in that? Try that in France might be more interesting, where it really is illegal to import crypto. It's kind of theoretical, but an interesting argument... what happens when this happens with porn, is perhaps a more tricky question, re possible illegality of import from outside US, maybe in such cases you should request the viewer to turn off autoload of images, so that they must request them after reading the disclaimer text. Or perhaps it would be necessary to ensure that it never happens automatically without the user clicking on a button certifying that they are not in the US, the antithesis of MIT's I affirm I am a US citizen blah, blah, that goes with getting PGP from their site (I didn't get it btw, I just read the questions for my amusement). Adam

Rich Salz writes:

Inline images are not references -- they are part of the page being retrieved. I don't agree...

...

<img src="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif"> So that the image is *imported* by the *viewer*, and not supplied by www.obscura. indeed Inlined images are just a convenient way of chunking. The image is imported by the viewer because the server, as part of the base document, told it to do so. You might be able to fool an ignorant court, but it still doesn't change the fact that Lance has a document that in the natural course of operation of the Web, exports crypto. ******* [...] Oh ? exports from Uk to Uk for instance ?? how could it export anything without any packet crossing a "border" even virtual ?

Maybe it violates some rules about spreading information, knowledge of where to find 'offending' materials, but this is certainly not breaking any export rules... IMO dl -- Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept