Re: Re: Re: Encrypted JDBC Connection Settings

From: Mike Kienenberger (mkienen..mail.com)
Date: Thu Aug 31 2006 - 11:03:34 EDT


Michael,

Maybe you could ask on legal-discus..pache.org and see what comes of it.

I think you're right in that there's a certain minimum level of
complexity required in the encryption algorithm before it qualifies.

Note that the "'specially designed' to use" part only applies to other
controlled encryption products.

On 8/30/06, Michael Gentry <blacknex..mail.com> wrote:
> What if you aren't using Java encryption APIs? The only thing I plan
> to add is modeler conveniences such that you can create your own
> encryption facilities. (Someone can already write this for
> themselves, too.) I'm not planning on checking in actual encryption
> code (I can't imagine ROT13 would be considered encryption these
> days). I thought "product distributions that contain or are
> 'specially designed' to use cryptography" meant Cayenne as shipped
> would be actively using encryption as part of its operation (such as
> requiring OpenSSL for something). Of course, I'm not a lawyer ...
>
> Thanks,
>
> /dev/mrg
>
>
> On 8/30/06, Mike Kienenberger <mkienen..mail.com> wrote:
> > On 8/30/06, Michael Gentry <blacknex..mail.com> wrote:
> > > Thanks for the link, Jean. I'm about ready to get started on adding
> > > this feature. The only encryption I'll include with Cayenne in ROT13,
> > > which is incredibly weak and anyone can encode/decode with:
> >
> > From my understanding, providing the ability to use encryption is
> > sufficient grounds to require registration. I'm pretty sure that for
> > MyFaces we need to register simply because we use the Java encryption
> > apis.
> >
>



This archive was generated by hypermail 2.0.0 : Thu Aug 31 2006 - 11:04:04 EDT