www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "C. Michael Pilato" <cmpil...@collab.net>
Subject Subversion, encryption, export restrictions, etc.
Date Wed, 09 Jan 2013 18:46:39 GMT
Legalish Folk,

Some time ago, I (and other Subversion devs) began some work toward adding
support in Apache Subversion for an encrypted authenication credentials
store -- basically, a client-side place to stuff login creds used for
accessing Subversion servers.  Along the way, I started wondering if this
work would fall under the restrictions placed on export of software by the
U.S.  I got some IANAL-type advice to the effect that our usage was fine and
uncontrolled/unrestricted, but I'd really rather that we have our i's dotted
and t's crossed on this.

I cruised through the document at http://www.apache.org/dev/crypto.html, but
it has this glaring notice near the top:

Note - the regulations covering US export control laws for encryption were
changed on June 25th 2010. This page describes the previous process. Until
an updated version has been drawn up and approved by the Apache VP Legal
Affairs, projects should check with the legal-discuss list before proceeding.

So while I can't honestly say that we're checking with legal-discuss "before
proceeding" -- some related code has already been committed to the ASF
repository -- I'm checking now, with apologies if we've inadvertently done
something Naughty here.

What can you tell me, and what do you need to know in advance of such
telling?  I'll answer anything I can (and have Cc: our private@ list so
others can help out, too.)

C. Michael Pilato <cmpilato@collab.net>
CollabNet   <>   www.collab.net   <>   Enterprise Cloud Development

View raw message