pulsar-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Fisher <dave2w...@comcast.net>
Subject Re: Pulsar encryption, Bouncycastle and export license page
Date Mon, 25 Sep 2017 20:32:38 GMT
Hi Joe,

I can help submit the form to the government and make the changes to the ECCN pageā€¦

To make the update I need to know the hrefs below:

<Name>Apache Pulsar</Name>
<Names>Versions 1.20 and greater</Names>
<ControlledSource href="https://pulsar <https://pulsar/> trunk">
Designed for use with the Bouncy Castle enryption libraries.
<ControlledSource href="https://path.to <https://path.to/>.pulsars.bouncy-castle.jar">
<Manufacturer>Bouncy Castle</Manufacturer>
<Why>General-purpose encryption library</Why>


> On Sep 21, 2017, at 7:54 PM, Dave Fisher <dave2wave@comcast.net> wrote:
> Hi Joe,
> This is a good catch. I am traveling this week and can help with the filing on Monday
unless one of the other mentors can do so tomorrow.
> Regards,
> Dave
> Sent from my iPhone
>> On Sep 21, 2017, at 8:36 PM, Joe F <joefrancisk@gmail.com> wrote:
>> Hi Mentors,
>> As I was going through  the license verification for the next release
>> (1.20) , I happened to see this
>> http://www.apache.org/licenses/exports/  (which I'm calling the export
>> license page)
>> Pulsar 1.20 release introduces encryption (as an optional feature), and it
>> uses Bouncycastle, and  we were planning on including the Bouncy* jars in
>> the binary.
>> Many Apache projects using Bouncycastle as listed on the export license
>> page. Do we need to list it Pulsar on  the export license  page now? If so,
>> how do we get it into there?
>> Or should we just remove the BouncyCastle jars  from the distribution and
>> leave it optional,  letting  users install it  if needed?  Users will need
>> to install it for building Pulsar from source.  They wont need it for
>> running Pulsar, unless they use encryption.
>> What's the guidance on this?
>> Cheers,
>> Joe

View raw message