With reference to: http://opensolaris.org/os/community/arc/arc-faq/arc-publish-historical-checklist/
I believe the advice about cryptographic algorithm and security issues in old cases is inaccurate on the checklist. I'd like to discuss this with the person that put this in the checklist if possible to get it corrected. My team is responsible for the vast majority of the cryptography code in core Solaris and we are very aware of the US export regulations with respect to crypto. There is no such requirement to remove the names of crypto algorithms in the general case - the only reason I can think of to do so is when the case contains NDA information so it is covered by the NDA requirements. Similarly the advice about "security issues" is overly conservative and is counter to what the OpenSolaris Security community stance is. The only exception to this would be active (rather than historical) cases where an ARC case was required to change architecture to fix a currently confidential security vulnerability. If that is what is mean't by the statement on the page then it should say so. -- Darren J Moffat
