www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: Distributing a build that has a 5D002 classified binary - does that make your distribution need a 5D002 classification (Export control)
Date Thu, 12 Jun 2008 13:18:25 GMT
Henri Yandell wrote:
> Did this get answered?

I'm not certain, but ...

> On Fri, May 30, 2008 at 1:43 PM, Marshall Schor <msa@schor.com> wrote:
>> Hi -
>>
>> We're planning a release where we plan to include the jar for Apache
>> ActiveMQ 4.1.1.  This is listed on the exports page as having ECCN 5D002.
>>
>> If we include this jar in our release distribution, does this require us to
>> classify our "product" under ECCN 5D002?   We do not use any crypto APIs
>> ourselves, in our code (but I realize this may not matter).  I think the
>> answer is yes, but wanted to be sure...

The answer is yes; but if I understand you, your source repository makes no
use of crypto whatsoever, no calls out to an interface that is crypted, so
there is no reason to tag your source tree as a crypto source.

You would point to the ActiveMQ source packages you consume, and to the full
distribution your project ships that includes the ActiveMQ jars.

>> If we wanted to avoid tagging our release with ECCN 5D002, is it correct
>> that we would need to do 2 things:
>> a) not distribute anything tagged as ECCN 5D002, and
>> b) not use interfaces for 5D002 components (that we do not include in our
>> distributions) that are specially designed to access crypto functionality in
>> these components

Sounds right.

---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only.  Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF.  See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message