tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Knauf" <>
Subject Re: JSSE redistribution
Date Wed, 13 Dec 2000 01:39:41 GMT
Ain't crypto laws a bitch?  I see your point.  I withdraw my suggestion.


Aaron Knauf
Implementation Consultant
Genie Systems Ltd
Auckland, New Zealand
Ph. +64-9-573 3310 x812, email:

"Craig R. McClanahan" <>
13/12/2000 15:21
Please respond to tomcat-dev

        Subject:        Re: JSSE redistribution

Aaron Knauf wrote:

> Is there any reason why we can't compile tomcat against JSSE and include 
> jars in the tomcat lib directory as part of the standard binary 
> This would make it much easier for people to get HTTPS support from 
tomcat.  I
> believe that the Sun licence allows for redistribution, and US law 
allows us
> foreigners to get at the crypto stuff, now.

Although the rules have been relaxed considerably, the US export 
still require preventing anyone from certain countries from downloading 
stuff.  If JSSE was distributed in Tomcat, that would mean that we 
would be held responsible for enforcing that restriction -- and this would 
likely require some sort of click-through mechanism on *everyone* who 
(plus a bunch of lawyer time to make sure all the rules were being 

There is also still paperwork involved in registering as a distributor of
encryption materials -- even though it's legal.

> I seem to remember seeing a post about this a while ago, but I never saw 
> resolution.
> If there are no objections, I move that we include JSSE as part of 
> tomcat.

Given that the restriction above exists, I'm afraid I can't see us doing 
this at
the current time.

> Cheers

Craig McClanahan

View raw message