www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "C. Michael Pilato" <cmpil...@collab.net>
Subject Re: Subversion, encryption, export restrictions, etc.
Date Wed, 09 Jan 2013 19:48:24 GMT
On 01/09/2013 02:43 PM, Philip Martin wrote:
> Ben Reser <ben@reser.org> writes:
>> On Wed, Jan 9, 2013 at 10:46 AM, C. Michael Pilato <cmpilato@collab.net> wrote:
>>> Some time ago, I (and other Subversion devs) began some work toward adding
>>> support in Apache Subversion for an encrypted authenication credentials
>>> store -- basically, a client-side place to stuff login creds used for
>>> accessing Subversion servers.  Along the way, I started wondering if this
>>> work would fall under the restrictions placed on export of software by the
>>> U.S.  I got some IANAL-type advice to the effect that our usage was fine and
>>> uncontrolled/unrestricted, but I'd really rather that we have our i's dotted
>>> and t's crossed on this.
>> One detail that may be important here is that there is no actual
>> encryption code in Apache Subversion, but rather but calls into the
>> encryption code that APR has.
> According to the FAQ:
> http://www.apache.org/dev/crypto.html#faq
>   The less obvious example, is the point at which a subversion
>   repository starts to include code that is specially designed to work
>   with any other 5D002 item
> Subversion is designed to work with APR and APR-Util, which are 5D002
> items according to http://www.apache.org/licenses/exports/, so under the
> old rules Subversion should be a 5D002 item as well.
> Perhaps I'm misunderstanding things, but according to the old rules
> adding an encrypted credentials store doesn't change anything since
> Subversion should already be under the restrictions.

My understanding (which is so extremely limited on this topic!) per
http://www.apache.org/dev/crypto.html#notify is that, under the old rules,
Subversion would still need to notify about the use of the crypto technology.

C. Michael Pilato <cmpilato@collab.net>
CollabNet   <>   www.collab.net   <>   Enterprise Cloud Development

View raw message