couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Davis <paul.joseph.da...@gmail.com>
Subject Re: Cryptography in CouchDB
Date Mon, 17 Aug 2009 23:49:56 GMT
Looking through quickly, it looks like we hit on this clause:

> If my project ships a binary that provides bindings to OpenSSL, but does not include
its source or binaries, what notifications must be made?
>
> The only required notification for an Apache project that is specially designed to use,
but doesn't include, such crypto, is just the notification for the ASF product code.

I haven't the slightest what that means though. We need to add a
notice about something or other?

On Mon, Aug 17, 2009 at 7:37 PM, Curt Arnold<carnold@apache.org> wrote:
> I don't know if it predates the recent OAuth patch, but I believe the
> CouchDB now requires an export notice to be filed.  The export notification
> should have been filed before crypto related code was committed.  I do not
> know if there is a procedure to follow when the export notice is not filed
> beforehand.
>
> See http://www.apache.org/dev/crypto.html and
> http://www.apache.org/licenses/exports/
>
> It should have dawned on me earlier, but I stumbled upon it when I built
> Erlang R13B01 from source without previously installing libssl-dev.  Erlang
> and CouchDB would build successfully, but CouchDB would fail on start up.
>  Surprised me that CouchDB requires ssl to launch.
>
>
>

Mime
View raw message