incubator-odf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <>
Subject Ready for ODF Toolkit crypto declaration
Date Tue, 14 Feb 2012 18:38:26 GMT
If I understand correctly, since we are not including Java Crypto API
libraries in our code, we don't need to declare them specifically.
But since we're "designed to use" such libraries we need to register
the ODF Toolkit as 5D002.

Note that we do have our own implementation of PKCS #5, per RFC 2898.
 This is a "password-based key derivation function", which is applied
prior to encryption in order to convert "weak" passcodes entered by
end users into higher entropy ones.   I don't see this as restricted
under the export regulations, so I don't think we should declare it.

Looking at the process [1] for doing this paperwork, it looks like we
need to update this [2] page by updating this [3] source.


I don't have permissions to update the source XML directly, but I
believe it should be updated to include the following fragment.   I
have Nick in as the contact, assuming that he will send the
declaration per [4].  Once that is done, Devin can check in the
encyption/digital signature code, and I can update the README file per

Am I missing anything?



 <Project href="">
  <Name>Apache ODF Toolkit Project</Name>
  <Contact><Name>Nick Burch</Name></Contact>
    <Name>Apache ODF Toolkit</Name>
      <ControlledSource href="">
        <Why>Designed for use with Java Cryptography Extension (JCE)</Why>
      <Names>0.5-incubating and later</Names>
        <Why>Designed for use with Java Cryptography Extension (JCE)</Why>

View raw message