Since it seems like the consensus here is to go ahead with filing ASF paperwork to be able to ship crypto code in HAWQ, I'm going to do so on Mon.
Thanks, Roman. On Fri, Aug 12, 2016 at 5:14 AM, Paul Guo <[email protected]> wrote: > The file could be removed since it is for win32. > https://github.com/postgres/postgres/blob/REL8_1_0/src/port/crypt.c > > But reading http://www.apache.org/dev/crypto.html, > we seem to still need to go through the security process. > <http://www.apache.org/dev/crypto.html> > <http://www.apache.org/dev/crypto.html> > <http://www.apache.org/dev/crypto.html> > <http://www.apache.org/dev/crypto.html> > <http://www.apache.org/dev/crypto.html> > <http://www.apache.org/dev/crypto.html> > We could add back pgcrypto (so that we do not need to download pg code > to get pgcrypto each time when building pgcrypto) along with this work. > <http://www.apache.org/dev/crypto.html> > > <http://www.apache.org/dev/crypto.html> > > <http://www.apache.org/dev/crypto.html> > > 2016-08-10 8:37 GMT+08:00 Goden Yao <[email protected]>: > >> Given the current situation, I'll vote for including crypto and go through >> the compliance process. >> >> On Tue, Aug 9, 2016 at 2:25 PM Roman Shaposhnik <[email protected]> >> wrote: >> >> > Hi! >> > >> > after a lot of effort to get rid of crypto code in HAWQ it >> > has come to our attention (again, because of the awesome >> > analysis done by Justin) that the code we imported from >> > PostgreSQL such as: >> > https://github.com/postgres/postgres/blob/REL8_1_0/src/port/crypt.c >> > would require us to seek export compliance as outlined >> > in the following documentation: >> > http://www.apache.org/dev/crypto.html >> > >> > I would like to re-iterate that it is PMC's business to be vigilant >> > about tracking this sort of compliance. As such, it is extremely >> > important that all of you read through the document I linked to >> > and ask any questions you may have on this thread. >> > >> > Since HAWQ is still in Incubation there's a few steps outlined >> > in the document that one of the mentors (myself) will have to >> > do for you guys. However, this shouldn't confuse you into >> > thinking that export compliance is handled by somebody else >> > at Apache. >> > >> > It is a PMC responsibility. It is YOUR responsibility. >> > >> > Thanks, >> > Roman. >> > >>
