incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Burrell Donkin <>
Subject Re: Request dev help: Info for required crypto export declaration
Date Thu, 01 Sep 2011 18:51:16 GMT
On Thu, Sep 1, 2011 at 7:38 PM, Dennis E. Hamilton
<> wrote:
> Please just do it this way:
> <>
> ASF is very clear on what is required for *its* releases and this page appears to be

The Apache rules break down into reporting to users and notification.
Informing users is important but notification is urgent (making source
available [1] counts as export).

> (I finally found where I saw this before.  It has also been discussed here or on the
ooo-private list before.  I remembered it as being simpler than it is.)

(It looks worse than it is)

Following the instructions[3], step 1 is to work out whether OOo has
any unusual cryptography beyond ECCN 5D002, which is:

<blockquote cite='>
   Software specially designed or modified for the development,
production or use of any of the other software of this list, or
software designed to certify other software on this list; or
   Software using a "symmetric algorithm" employing a key length in
excess of 56-bits; or
   Software using an "asymmetric algorithm" where the security of the
algorithm is based on: factorization of integers in excess of 512 bits
(e.g., RSA), computation of discrete logarithms in a multiplicative
   group of a finite field of size greater than 512 bits (e.g.,
Diffie-Hellman over Z/pZ), or other discrete logarithms in a group in
excess of 112 bits (e.g., Diffie-Hellman over an elliptic curve).

Does OOo rely on cryptography more exotic than this?



View raw message