Roy T. Fielding wrote: > > ... The big deal is that 5D002 > classification also means that it is illegal for the ASF to knowingly > allow anyone residing in, or a citizen of, the T-8 countries, or anyone > on the "denied persons list", to even participate in our project, > let alone download packages, since that participation would be a > "deemed export"... > > ... However, if the group would prefer to keep mod_ssl within the package, > then we have to take the appropriate actions in our documentation and > committer policies. ... > > So, I guess the real question is: do we follow the example of Mozilla > et al and simply publish as 5D002 with the appropriate documentation, > or do we make an attempt to separate the products in a way that one > half is unrestricted and the other is 5D002? >
My pref is the 1st option, since that seems the easist for us to handle, and the most appropriate for us. Seperation is unwieldy for a variety of reasons, and it seems to me that following the already established processes of other "affected" organizations is the safest. It also allows for some sort of "collaboration" of this issue among us as well. Of course, this is also applicable for other ASF projects that use SSL, such as Tomcat with tcnative/JNI. -- =========================================================================== Jim Jagielski [|] [EMAIL PROTECTED] [|] http://www.jaguNET.com/ "If you can dodge a wrench, you can dodge a ball."
