> -----Original Message----- > From: David Nalley [mailto:[email protected]] > Sent: 25 August 2012 08:30 > To: [email protected] > Subject: Consensus around cryptography/export control issues > > Hi folks, > > I am willing to own the crypto reporting stuff, but..... before I begin, I > want to > make sure we have a good understanding of what specifically we are > declaring. > > So - my perception/understanding is that: > > The CloudStack source code release will contain no crypto inherently. > > The convenience binaries that we produce will have Bouncy Castle - the > systemVMs will have openswan, etc, and a build itself depends on libraries > like bouncy castle. > > So first am I missing anything? Is there any actual crypto in the source repo > that I am not aware of? > > The ASF's guidelines on this are here: > http://www.apache.org/dev/crypto.html for those of you wanting some > light weekend reading.
Citrix should have done all of this for their last few releases. I suggest you ask Will / Kevin. You should be able to copy their declaration. Cheers, Ewan.
