Return-Path: 
 <dev-return-6103-apmail-couchdb-dev-archive=couchdb.apache.org@couchdb.apache.org>
Delivered-To: apmail-couchdb-dev-archive@www.apache.org
Received: (qmail 5557 invoked from network); 24 Aug 2009 08:09:03 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 24 Aug 2009 08:09:03 -0000
Received: (qmail 15670 invoked by uid 500); 24 Aug 2009 08:09:21 -0000
Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org
Received: (qmail 15617 invoked by uid 500); 24 Aug 2009 08:09:21 -0000
Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@couchdb.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@couchdb.apache.org>
List-Post: <mailto:dev@couchdb.apache.org>
List-Id: <dev.couchdb.apache.org>
Reply-To: dev@couchdb.apache.org
Delivered-To: mailing list dev@couchdb.apache.org
Received: (qmail 15270 invoked by uid 99); 24 Aug 2009 08:09:21 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Aug 2009 08:09:21 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of
 bernd.fondermann@googlemail.com designates 209.85.219.208 as permitted
 sender)
Received: from [209.85.219.208] (HELO mail-ew0-f208.google.com)
 (209.85.219.208)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Aug 2009 08:09:11 +0000
Received: by ewy4 with SMTP id 4so2513941ewy.3
        for <dev@couchdb.apache.org>; Mon, 24 Aug 2009 01:08:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlemail.com; s=gamma;
        h=domainkey-signature:mime-version:received:in-reply-to:references
         :date:message-id:subject:from:to:content-type
         :content-transfer-encoding;
        bh=lYm8rE+DPwA+y6sek+BnRT/EMfg6QoFZoukCQkfR9R8=;
        b=eWjIh1n3n+LIIzfhzE/VzlREbl0X6gqG7os1vt2CRa/dZUprvJxU2KGr/fgZdTtjnP
         ZzQRsvBeqPMQSaDk9K4Z1/lF92HP7Lgw8A30GJUEFxbuvwQqm5n0QN4xSSaTrQPMznpW
         RVwaNrp+8RoNp6SQuqqAOPGNFbuOqOc1sS4tE=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=googlemail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type:content-transfer-encoding;
        b=doH4iAJD2xLMrhLgEpbVpISoO1B6paQQ3w0Gq9Km0N+HLg3ztlsUH+lGT+B/yXYM28
         R+vrDOoYR9PVlLNFt+ACGN4I7p+L7TCxs05g/mQx7sU3jdBtAT+kcsz+hmrOJkiw/7sU
         i+mb63/9bHJ3cL4OoLP54oh04Tu7naP0Q32yk=
MIME-Version: 1.0
Received: by 10.216.13.75 with SMTP id a53mr899933wea.22.1251101329849; Mon,
	24 Aug 2009 01:08:49 -0700 (PDT)
In-Reply-To: <967FA633-9900-4735-B34B-EBBEF302D17C@apache.org>
References: <0C366699-9810-4738-BC93-EEF12C5C6674@apache.org>
	 <2B799CE8-D776-46C3-8DC7-6A631F5B73B2@apache.org>
	 <e2111bbb0908191140w28f4c09ay6901dba209630a93@mail.gmail.com>
	 <8CF7B130-14F8-480C-8334-CCD32055EA8E@apache.org>
	 <e2111bbb0908191207j2b962eb7q80ffad711b218abc@mail.gmail.com>
	 <047920FC-CA13-4946-8D20-FC0CD0CDC496@apache.org>
	 <e2111bbb0908191256o1c1f496ehc8343dd34dd2a809@mail.gmail.com>
	 <96B1F74D-CD5A-4F6C-947B-4E35BA462FC5@apache.org>
	 <42E83F00-D005-454B-838B-1D1629F367A7@apache.org>
	 <967FA633-9900-4735-B34B-EBBEF302D17C@apache.org>
Date: Mon, 24 Aug 2009 10:08:49 +0200
Message-ID: <88f6e29a0908240108v5c9e655x22d3378246383112@mail.gmail.com>
Subject: Re: Cryptography in CouchDB
From: Bernd Fondermann <bernd.fondermann@googlemail.com>
To: dev@couchdb.apache.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Virus-Checked: Checked by ClamAV on apache.org

On Sun, Aug 23, 2009 at 16:23, Damien Katz<damien@apache.org> wrote:
> Based on similar HTTP client libraries, it looks like we do need the expo=
rt
> restrictions, which really bums me out.
>
> I'll take care of this next week.

It's not that bad I think.
(Thankfully, I'm not living under U.S. legislation, plus I am not a
lawyer, but) as I understand it, anyone exporting software from the
U.S. is subject to these regulations related to cryptography etc. What
the ASF provides is just a /classification/ to help our users see
where these regulations might apply. They have to check for themselves
anyway when they export. So the notification which is filed with US
administration does not restrict distribution of CouchDB any more than
it is restricted anyway without the notification.

The process is as lean as can be: just one patch to an xml file + one email=
.
People at infra or legal should be able to help you out, our just feel
free to contact me if you need help with this.

Relax,

  Bernd

>
> -Damien
>
> On Aug 20, 2009, at 12:42 AM, Curt Arnold wrote:
>
>> ibrowse_http_client would also look like a potential area of concern, it
>> contains calls to ssl:connect and has other code specific to ssl
>> connections. =A0Likely would not be an issue for CouchDB if we weren't
>> redistributing it.
>
>