Couldn't this kind of things be checked by RAT? Also, the crypto.html [1] page is not very referenced. And it is easy to not see it. Couldn't it be referenced more clearly from one of the guideline/policies document, so that that new poddling project are more directly aware of it.
[1] http://www.apache.org/dev/crypto.html Gilles 2007/8/16, Justin Erenkrantz <[EMAIL PROTECTED]>: > On 8/16/07, Gilles Scokart <[EMAIL PROTECTED]> wrote: > > I just found [1], and I was wonderiing if we don't fall under the > > definition of ECCN 5D002 for our binary distribution with deps. In > > this distribution we include binaries that support https, sft and ssh (and > > maybe other via vfs). > > If you have any code which directly invokes a dependency which is > covered by 5D002, yes, our policy is you must file a notice. APR had > to file simply because it can optionally link against OpenSSL. > > From the FAQ: > --- > What are examples of when a crypto item is publicly accessible through > ASF servers? > > The obvious example is including something like an OpenSSL binary > within a product distribution from a /dist URL. The less obvious > example, is the point at which a subversion repository starts to > include code that is specially designed to work with any other 5D002 > item, whether that item is ever to be included within a product > distribution or not. In other words, a project should send out a > notification email just after making the decision to include code that > is specially designed to work with crypto APIs but before actually > committing such code. No need to worry about surprise JIRA attachments > with such code -- only the event of committing the code to the ASF > product repository. > --- > > So, sounds like Ivy falls under the latter example. > > HTH. -- justin > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Gilles SCOKART --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
