www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Santiago Gala <santiago.g...@gmail.com>
Subject Re: Is a TSU notice needed for software using javax.crypto?
Date Fri, 20 Jan 2012 17:51:36 GMT
My understanding of this question is that you don't need TSU unless
you are implementing "providers" for the service APIs, i.e.
cryptography algorithms, key exchange, etc.

Regards
Santiago

On Fri, Jan 20, 2012 at 4:25 PM, Nick Burch <nick@apache.org> wrote:
> Hi All
>
> One of the podlings I mentor, ODF Toolkit, is looking to implement the ODF
> encryption and signing support. As part of this, they'd be using
> javax.crytpo and java.security classes, but they wouldn't be implementing
> their own encryption algorithms
>
> I've read through http://www.apache.org/dev/crypto.html a few times, and
> some of the linked documents, and I'm not completely sure if a TSU is needed
> or not
>
> Java itself is controlled by ECCN 5D992.c [1], rather than 5D002 which our
> page talks about. Additionally, I'm not sure if importing and calling
> standard Java encryption functions counts as "software specially designed ..
> for the ... use of any other software on this list", either on the
> encryption side, or on Java not being another 5D002 library
>
> So, does anyone know what the rules are for this sort of Java project?
>
> Thanks
> Nick
>
> [1] Page 6 of
> http://www.oracle.com/us/products/export/eccn-matrix-software-412042.pdf
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message