jakarta-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Export Control Question re: BSF
Date Tue, 18 May 2010 16:06:19 GMT
On 18/05/2010 17:03, Erin Clark wrote:
> Hi All:
> 
>                     
> 
> I'm not sure to contact, so forgive me, but I'm assisting a client with
> the export classification of their product and the subject product
> utilizes Apache Jakarta Bean Scripting Framework v.2.4.0.  Do you know
> who might be the correct developer(s) for this open source code?  If
> it's you all, do you happen to know what the Export Control
> Classification Number (ECCN) for this code?  If you don't know the ECCN,
> can you please respond to the following questions at your convenience?

http://www.apache.org/licenses/exports/

Mark

> 
>  
> 
> a.     Does the code perform cryptographic functions (i.e.,
> encryption/decryption)?
> 
> b.    Does the code contain any cryptographic algorithms (i.e., 3DES,
> Diffie-Helman, Blowfish, Rijndael, RC4, RSA) (whether or not these
> algorithms are actually being used by the software)?
> 
> c.     Is the code capable of interfacing with, calling to, using,
> invoking or enabling/disabling the cryptographic features within other
> software or within the underlying platform in any way?
> 
> d.    Is the code capable of performing message digesting/hashing (i.e.,
> MD5, RIPEMD, SHA, Tiger), fixed data compression or authentication?
> 
> e.     Does the code contain/utilize and open cryptographic interface
> (OCI), where the cryptographic capabilities of the code are
> user-accessible and/or modifiable?  (See below for a more detailed
> definition of OCI.)  
> 
>  
> 
> If 'yes' to any of the above, please provide detailed response.
> 
> (Open cryptographic interface - A mechanism which is designed to allow a
> customer or other party to insert cryptographic functionality without
> the intervention, help or assistance of the manufacturer or its agents
> (i.e., manufacturer's signing of cryptographic code or proprietary
> interfaces). If the cryptographic interface implements a fixed set of
> cryptographic algorithms, key lengths or key exchange management
> systems, that cannot be changed, it will not be considered an "open"
> cryptographic interface. All general application programming interfaces
> (i.e., those that accept either a cryptographic or non-cryptographic
> interface, but do not themselves maintain any cryptographic
> functionality) will not be considered "open" cryptographic interfaces
> either.)
> 
> Please let me know if you have any questions for me and many thanks in
> advance for your assistance.
> 
>  
> 
> Regards,
> 
> Erin
> 
>  
> 
> Erin Clark
> 
> Export Compliance Manager
> 
> ________________________________
> 
> Sandler & Travis Trade Advisory Services, Inc. 
> 
>  
> 
> |phone  248.699.1588 | cell  619.997.4197 | fax 619.330.2336 | Web
> <http://webmail.sttasonline.com/exchweb/bin/redir.asp?URL=http://www.str
> trade.com/>  | eMail <mailto:eclark@strtrade.com>  |
> 
>  
> 
> This is a transmission from Sandler & Travis Trade Advisory Services,
> Inc. and is solely for the use of the intended addressee. It may contain
> information which is confidential and subject to attorney client
> privilege.  If you are not the intended recipient, please e-mail the
> sender and destroy all copies of this message and any attachment.  Any
> unauthorized use of the contents of the message or attachments is
> strictly prohibited.
> 
>  
> 
> P PLEASE CONSIDER THE ENVIRONMENT BEFORE PRINTING
> 
>  
> 
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: dev-help@jakarta.apache.org


Mime
View raw message