Cliff Schmidt wrote:
-garrett (who has not been spending nearly as much time as he should
following this thread, and is hoping that Cliff will rescue him with a
nice "you need to do this, this, and this to keep us from breaking the
law" kind of recipie soon ;-)
fair enough -- however, could you tell me if these comments come after
having read http://apache.org/dev/crypto.html? I was kind of hoping
that page comes close to providing the background and list of what
steps must be taken.
As you notice from the OpenSSL question, Cliff, there are two strong
positions. One Says we notify BIS of our export of the "OpenSSL Product"
under various circumstances. The Other Says we would only do that if we
offer a product called "OpenSSL", and if we distribute a binary including
or linking to OpenSSL, it's a dependency and we just notify the BIS of the
"APR-util Library Product".
You are in the thread to help explain this to us all :)
Bill
