xml-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Berin Lautenbach <be...@ozemail.com.au>
Subject XML Encryption Support
Date Sat, 14 Jun 2003 10:05:52 GMT
Peoples,

In the security sub-project, we have implemented Java and (to a lesser
extent) C++ support for the XML Digital Signature standards.  The next
mountain to climb is XML Encryption (and the Java guys have already
started this).

We are not too sure what the legal implications for Apache might be if
we start making code that uses encryption.  The general
feeling within the sub-project is that it should not be an issue,
because we are not actually implementing any encryption algorithms
directly.  (OpenSSL is used for C++ and any JCE compliant crypto library
is used for Java.)

I know back in the bad old days, even applications that had hooks for
crypto could get in trouble, but my understanding these days is that 
with the relaxation of the various export controls this is now OK. 
However I'm not a lawyer by any means.

Any thoughts and/or suggestions on a way forward welcome.

Cheers,
     Berin



---------------------------------------------------------------------
In case of troubles, e-mail:     webmaster@xml.apache.org
To unsubscribe, e-mail:          general-unsubscribe@xml.apache.org
For additional commands, e-mail: general-help@xml.apache.org


Mime
View raw message