Bernd Fondermann wrote:
Stefano Mazzocchi wrote:
From the board report request:
For the coming board report, the board and legal committee would much
appreciate your project reviewing the crypto export policy spelled out
at http://www.apache.org/dev/crypto.html to determine that the project
either either no encryption considerations, or if notices must be (or
had been) sent to the BIS and NSA, they have been documented at the
official location http://www.apache.org/licenses/exports/ for all
encryption elements within the oversite of this PMC. Adding a status
item on the board report will help the legal committee to ensure this
oversight has been applied across the foundation.
Is there any code in labs that would be covered by any US export
regulations? I know there isn't any in my lab, but I would like each
PI to report on that before I submit the official summary of that to
the board.
Thanks.
Vysper uses TLS via bouncy castle library "bcprov-jdk15-135.jar".
Is there any additional todo deriving from this fact? Is it required to
remove this code from svn until all the steps in crypto.html are done?
I doubt that... also I'm not sure if the board is looking for code that
"uses" crypto or code that "implements" crypto. Those seem to be two
different things as far as export regulation goes (in fact, you could
ship Vysper without crypto and the users can obtain it themselves if
they want it/need it.
Any director here can confirm?
--
Stefano.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
