On 6/8/06, Joe Orton <[EMAIL PROTECTED]> wrote:
Thanks for doing the research, Roy.
Ditto.
On Wed, Jun 07, 2006 at 02:03:33PM -0700, Roy T. Fielding wrote: > Okay, let me put it in a different way. The alternatives are > > 1) retain the status quo, forbid distributing ssl binaries, and > include in our documentation that people in banned countries are not > allowed to download httpd 2.x. This gets my vote. I don't see why it's necessary for the ASF to be in the business of distributing binaries; letting other people assume the technical and legal responsibilites for doing that seems reasonable. The documentation work necessary would be greater if mod_ssl is split into a separate package, and having mod_ssl in the tree is one of the compelling features of 2.x anyway.
Overall, I think forbidding the distribution of the SSL-enabled binaries is probably the sanest thing technically and legally for us to do. I understand the arguments about the Win32 folks not having SSL out of the box, but I don't think that particular advantage outweighs the social and technical problems with creating two separate versions of the distributions. So, +1 to keeping the status quo (always my favorite!). -- justin