Looking through quickly, it looks like we hit on this clause: > If my project ships a binary that provides bindings to OpenSSL, but does not > include its source or binaries, what notifications must be made? > > The only required notification for an Apache project that is specially > designed to use, but doesn't include, such crypto, is just the notification > for the ASF product code.
I haven't the slightest what that means though. We need to add a notice about something or other? On Mon, Aug 17, 2009 at 7:37 PM, Curt Arnold<[email protected]> wrote: > I don't know if it predates the recent OAuth patch, but I believe the > CouchDB now requires an export notice to be filed. The export notification > should have been filed before crypto related code was committed. I do not > know if there is a procedure to follow when the export notice is not filed > beforehand. > > See http://www.apache.org/dev/crypto.html and > http://www.apache.org/licenses/exports/ > > It should have dawned on me earlier, but I stumbled upon it when I built > Erlang R13B01 from source without previously installing libssl-dev. Erlang > and CouchDB would build successfully, but CouchDB would fail on start up. > Surprised me that CouchDB requires ssl to launch. > > >
