Re: podling BIS notifications (jars in svn & crypto)

From: Jean T. Anderson (jt..ristowhill.com)
Date: Wed Feb 21 2007 - 23:59:17 EST

  • Next message: Jean T. Anderson: "Re: podling BIS notifications (jars in svn & crypto)"

    Michael Gentry wrote:
    > I created a Cayenne-specific PasswordEncoding interface. There are no
    > hooks into any existing cryptography package. No automatic linkage of
    > any kind -- you can't drop OpenSSL/etc into the mix and tell Cayenne
    > to automatically use it.

    As Mike K pointed out:
    > On the other hand, Roy also wrote:
    > ==============
    > As far as timing goes, the notice should be sent as soon as
    > it becomes clear that the product will eventually contain code
    > that is designed for a given 5D002 product (i.e., anything that
    > uses encryption for purposes other than mere authentication).
    > ==============

    From the recent posts to genera...a.o, it seems not needed.

    It still might be worth a post to legal-discuss for the definitive legal
    answer -- and provide fodder for an authentication/password faq at
    http://www.apache.org/dev/crypto.html#faq -- I think it could really use
    one.

     -jean



    This archive was generated by hypermail 2.0.0 : Wed Feb 21 2007 - 23:59:48 EST