jakarta-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Erin Clark" <ecl...@strtrade.com>
Subject Export Control Question re: BSF
Date Tue, 18 May 2010 16:03:57 GMT
Hi All:

                    

I'm not sure to contact, so forgive me, but I'm assisting a client with
the export classification of their product and the subject product
utilizes Apache Jakarta Bean Scripting Framework v.2.4.0.  Do you know
who might be the correct developer(s) for this open source code?  If
it's you all, do you happen to know what the Export Control
Classification Number (ECCN) for this code?  If you don't know the ECCN,
can you please respond to the following questions at your convenience?

 

a.     Does the code perform cryptographic functions (i.e.,
encryption/decryption)?

b.    Does the code contain any cryptographic algorithms (i.e., 3DES,
Diffie-Helman, Blowfish, Rijndael, RC4, RSA) (whether or not these
algorithms are actually being used by the software)?

c.     Is the code capable of interfacing with, calling to, using,
invoking or enabling/disabling the cryptographic features within other
software or within the underlying platform in any way?

d.    Is the code capable of performing message digesting/hashing (i.e.,
MD5, RIPEMD, SHA, Tiger), fixed data compression or authentication?

e.     Does the code contain/utilize and open cryptographic interface
(OCI), where the cryptographic capabilities of the code are
user-accessible and/or modifiable?  (See below for a more detailed
definition of OCI.)  

 

If 'yes' to any of the above, please provide detailed response.

(Open cryptographic interface - A mechanism which is designed to allow a
customer or other party to insert cryptographic functionality without
the intervention, help or assistance of the manufacturer or its agents
(i.e., manufacturer's signing of cryptographic code or proprietary
interfaces). If the cryptographic interface implements a fixed set of
cryptographic algorithms, key lengths or key exchange management
systems, that cannot be changed, it will not be considered an "open"
cryptographic interface. All general application programming interfaces
(i.e., those that accept either a cryptographic or non-cryptographic
interface, but do not themselves maintain any cryptographic
functionality) will not be considered "open" cryptographic interfaces
either.)

Please let me know if you have any questions for me and many thanks in
advance for your assistance.

 

Regards,

Erin

 

Erin Clark

Export Compliance Manager

________________________________

Sandler & Travis Trade Advisory Services, Inc. 

 

|phone  248.699.1588 | cell  619.997.4197 | fax 619.330.2336 | Web
<http://webmail.sttasonline.com/exchweb/bin/redir.asp?URL=http://www.str
trade.com/>  | eMail <mailto:eclark@strtrade.com>  |

 

This is a transmission from Sandler & Travis Trade Advisory Services,
Inc. and is solely for the use of the intended addressee. It may contain
information which is confidential and subject to attorney client
privilege.  If you are not the intended recipient, please e-mail the
sender and destroy all copies of this message and any attachment.  Any
unauthorized use of the contents of the message or attachments is
strictly prohibited.

 

P PLEASE CONSIDER THE ENVIRONMENT BEFORE PRINTING

 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message