When I was contemplating a career path, combining international trade policy and software engineering didn’t come to mind. In fact 10 years ago I probably couldn’t have told you how these seemingly disparate disciplines were related. Today these topics are intimately related, even if not obviously so for the practicing software developer.
Despite COVID-19, one need not look far to see that trade policy is a hot topic. For some, the questions around Hong Kong are simply the posturing of politicians and will soon blow over. The fact is that politicians do sometimes carry through on promises, take Brexit for a recent example.
Exporting in the digital age
So how does this relate to software? Until recently, almost all cryptography including the “https” you used to get to this page was considered a munition. Even publication didn’t solve the problem. As a result, export classification is required for many software packages before being sold on the global market. This process is straightforward however when compared to the challenges of exporting computer hardware.
For those interested, the High Performance Computers and Export Control Policy: Issues for Congress is a 23 page brief on the topic. Clearly it demonstrates the complexity of laws and regulations, designed to restrict the movement of weapons, and needing legal expertise. Take modern SoCs with Ethernet as an example. Lawyers have had to argue that SSL acceleration hardware isn’t a novel encryption implementation subject to various international treaties.
Now that I have explained the title, what does this mean for the practicing software developer? In practical terms it means that your development hardware will be delayed in customs and often subject to hefty fees.
For pre-release hardware, documentation from lawyers may be required to prove the SSL accelerator is not a gun, sword, or other dangerous munition. Let’s not even consider the additional complexity when there is a wireless transmitter which hasn’t yet received FCC or equivalent approval.
How does virtualization help?
Adopting a Virtualization Based Development approach can effectively eliminate the need to ship development hardware around the globe. But isn’t a model of an SSL accelerator subject to the same rules as the hardware it models?
There is substantial debate on that topic, but as you didn’t read all of the congressional report above I’ll spare you the details. The short version is the export status of the hardware is irrelevant if an export approved software library like OpenSSL is used to model the accelerator.
Granted that such a model won’t help the hardware developer debug their implementation of SSL. For a software developer however, so long as it has the same interface as the hardware it will enable debugging of the driver.