forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Crossley <cross...@apache.org>
Subject Re: export classification, ECCN, handling cryptography, etc.
Date Thu, 31 Jan 2008 06:03:42 GMT
David Crossley wrote:
> 
> ---------------------
> Affected code
> -------------
> I have found our use of "jsch" (see below). Please help
> to find what other affected products that we use.

I have spent a lot of time on this. I now gather that
it is not just if a product uses cryptographic features.

Rather we need to declare a product that uses or is designed
to use cryptography for the purpose of information security.

We have a number of supporting products that use it for
authentication. We don't need to declare those.

So far i have found:

"jsch" which is used for scp tasks.

"Apache FOP" which can be used for encryption of PDF output.

Can forrest use "https" to retrieve remote sources?
If so, then what product(s) enables that?

I haven't finished yet. Other eyes are appreciated,
perhaps you will find something that i may have missed.

-David


Mime
View raw message