apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: Crypto FAQ
Date Wed, 05 Jul 2006 01:30:38 GMT
One clarification I know we already discussed...

Cliff Schmidt wrote:
> Q2.  What are examples of when a crypto item is publicly accessible
> through ASF servers?
> A2.  The obvious example is including something like OpenSSL within a
> product distribution from a /dist URL.  *The less obvious example*, is
> the point at which a subversion repository starts to include code that
> is specially designed to work with any other 5D002 item, whether that
> item is ever to be included within a product distribution or not.  In
> other words, a project should send out a  notification email just
> after making the decision to include code that is specially designed
> to work with crypto APIs but before actually committing such code.  

[Break this here into Q2.1;

Q2.1.  Are public contributions of crypto items to the mailing list, jira
or bugzilla databases considered exports?


> No need to worry about surprise JIRA attachments with such code -- only
> the event of committing the code to the ASF product repository.

... The actual poster of these attachments performed the 'export' and in
this respect, open posting and archival of bugzilla/jira/mailing list items
are considered unsolicited and unmoderated discussion.  This is markedly
distinct from a committer within the ASF posting files to the web site, the
distribution trees or source code repositories which are covered under Q2,

View raw message