incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: Request dev help: Info for required crypto export declaration
Date Fri, 02 Sep 2011 02:35:50 GMT
On Thu, Sep 1, 2011 at 10:18 PM, Dennis E. Hamilton
<dennis.hamilton@acm.org> wrote:
> I think Article 32 is of particular interest in the case of OpenOffice.org distributions
in France.
>
> It would appear that compliance with Article 30 is not difficult, since source code is
available in all cases.  It would be interesting to find out if the Apache process for declaring
cryptographic provisions would be acceptable to the Prime Minister without further ceremony.
 It might be useful for us to package notice of where the details are found in future distributions
so users could be aware that local conditions may apply to their use of such provisions.
>
> However, I think it is likely that, so long as the LibreOffice download sites are not
in the US there is not an issue for TDF.  If there are LibreOffice mirrors in the US, that
might be reason for concern by the operators of the mirrors.  But we don't get to resolve
any of that here.
>
> It is clear that to be an Apache Software Foundation project, the US requirements must
be satisfied in the manner specified by the ASF.
>

But I think that misses the real value of having this paperwork clean
and readily available.  It isn't really about OpenOffice or
LibreOffice end users.  And it really isn't about Apache or The
Document Foundation.  Yes, it is partially about them.  But the real
point of doing this and doing it well, is to make it possible for
others (not Apache and not end users or direct downloads) to
distribute/export Apache code.  It is to allow Apache modules to be
embedded in other applications and then exported.  It is to allow
OpenOffice.org to be pre-installed on a hardware vendor's laptops and
then exported.  Pure open source gets off easy in the regulation this
days.  The government realizes that the code is out there and they
accept that.  But commercial software vendors and hardware vendors
still feel the full weight of these regulations.  Having open source
components that have their export control paperwork in order makes
their lives much easier, and helps the underlying open source software
get used more, which in turn may drive more corporate-sponsored
developers into the project, more opportunities for consultants, etc.
It is part of making OSS easy to consume.  It is a win-win situation.

-Rob

>  - Dennis
>
> -----Original Message-----
> From: Norbert Thiebaud [mailto:nthiebaud@gmail.com]
> Sent: Thursday, September 01, 2011 18:38
> To: ooo-dev@incubator.apache.org
> Subject: Re: Request dev help: Info for required crypto export declaration
>
> On Thu, Sep 1, 2011 at 11:15 AM, Rob Weir <rob@robweir.com> wrote:
>>
>> Looks like LO discussed it briefly [4], but dismissed it under the
>> misapprehension that since they are not in the US, the regulation is
>> irrelevant.
>
> I'm confused, how is that a 'misapprehension' exactly ?
>
> Are you concerned about compliance with
> http://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000000801164&dateTexte=#LEGISCTA000006136109
> ?
>
> if not, why not ? are you "under the misapprehension that since [you]
> are not in [France], the regulation is irrelevant." ?
>
> Norbert
>
>

Mime
View raw message