Alan D. Cabrera wrote:
On May 17, 2008, at 10:33 AM, Robert Burrell Donkin wrote:
On Sat, May 17, 2008 at 6:25 PM, Alan D. Cabrera
<[EMAIL PROTECTED]> wrote:
I'm beginning to regret not slogging through all those threads about
the IP
checks in relation to security. Ok, I'm actually glad that I didn't
waste
my time.
WRT security...?
(maybe it's just slipped my mind but i don't recall much about IP and
security)
Is there a check list available for me to use for a podling?
a guide is being drafted in
http://incubator.apache.org/guides/mentor.html
Apparently OpenSAML had all sorts of these IP issues. For example, we
have to worry about IDEA.
Please don't confuse security and cryptography. For example,
here is some security advice from Bruce Schneier ;-)
http://www.schneier.com/essay-173.html
You can use all kinds of cryptography and still end up with
a completely unsecure system.
Wikipedia says that IDEA is patent protected until 2010/11:
http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
That is a general problem with patents, it is not specific to
cryptography or security. If you are aware of any patents
that might apply to your podling, maybe you should take that
to [EMAIL PROTECTED]
A specific thing for cryptography are export notifications,
but as I understand it, that is not your concern at the moment.
http://www.apache.org/dev/crypto.html
cheers,
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
