incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roland Weber <ossf...@dubioso.net>
Subject Re: Security restrictions
Date Sun, 18 May 2008 09:49:09 GMT
Alan D. Cabrera wrote:
> 
> On May 17, 2008, at 10:33 AM, Robert Burrell Donkin wrote:
> 
>> On Sat, May 17, 2008 at 6:25 PM, Alan D. Cabrera 
>> <list@toolazydogs.com> wrote:
>>> I'm beginning to regret not slogging through all those threads about 
>>> the IP
>>> checks in relation to security.  Ok, I'm actually glad that I didn't 
>>> waste
>>> my time.
>>
>> WRT security...?
>>
>> (maybe it's just slipped my mind but i don't recall much about IP and 
>> security)
>>
>>> Is there a check list available for me to use for a podling?
>>
>> a guide is being drafted in 
>> http://incubator.apache.org/guides/mentor.html
> 
> Apparently OpenSAML had all sorts of these IP issues.  For example, we 
> have to worry about IDEA.

Please don't confuse security and cryptography. For example,
here is some security advice from Bruce Schneier ;-)
http://www.schneier.com/essay-173.html
You can use all kinds of cryptography and still end up with
a completely unsecure system.

Wikipedia says that IDEA is patent protected until 2010/11:
http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
That is a general problem with patents, it is not specific to
cryptography or security. If you are aware of any patents
that might apply to your podling, maybe you should take that
to legal-discuss@a.o?

A specific thing for cryptography are export notifications,
but as I understand it, that is not your concern at the moment.
http://www.apache.org/dev/crypto.html

cheers,
   Roland



---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message