On 18/05/2010 17:14, Erin Clark wrote: > Hi Mark: > > Sorry, I should've mentioned that I already checked this list and didn't > see BSF on there. It's for this reason that I'm contacting the group.
<quote> Since publicly available software is only subject to the EAR when it is classified as ECCN 5D002 or 5D992, all ASF software product versions that do not fit those two classifications are noted as ECCN "n/a" (not applicable) or not included in the matrix. </quote> keeping in mind <quote> The Apache Software Foundation (ASF) makes NO WARRANTY or representation that the information contained in the ASF Product Classification Matrix is accurate, current, or complete. It is your obligation as the exporter to comply with the current applicable requirements of United States export rules and regulations. Any use of such information by you is without recourse to the ASF and is at your own risk. The ASF is in no way responsible for any damages, whether direct, consequential, incidental, or otherwise, suffered by you as a result of using or relying upon such information for any purpose. </quote> > Thanks, > Erin > > -----Original Message----- > From: Mark Thomas [mailto:[email protected]] > Sent: Tuesday, May 18, 2010 9:06 AM > To: [email protected] > Subject: Re: Export Control Question re: BSF > > On 18/05/2010 17:03, Erin Clark wrote: >> Hi All: >> >> >> >> I'm not sure to contact, so forgive me, but I'm assisting a client > with >> the export classification of their product and the subject product >> utilizes Apache Jakarta Bean Scripting Framework v.2.4.0. Do you know >> who might be the correct developer(s) for this open source code? If >> it's you all, do you happen to know what the Export Control >> Classification Number (ECCN) for this code? If you don't know the > ECCN, >> can you please respond to the following questions at your convenience? > > http://www.apache.org/licenses/exports/ > > Mark > >> >> >> >> a. Does the code perform cryptographic functions (i.e., >> encryption/decryption)? >> >> b. Does the code contain any cryptographic algorithms (i.e., 3DES, >> Diffie-Helman, Blowfish, Rijndael, RC4, RSA) (whether or not these >> algorithms are actually being used by the software)? >> >> c. Is the code capable of interfacing with, calling to, using, >> invoking or enabling/disabling the cryptographic features within other >> software or within the underlying platform in any way? >> >> d. Is the code capable of performing message digesting/hashing > (i.e., >> MD5, RIPEMD, SHA, Tiger), fixed data compression or authentication? >> >> e. Does the code contain/utilize and open cryptographic interface >> (OCI), where the cryptographic capabilities of the code are >> user-accessible and/or modifiable? (See below for a more detailed >> definition of OCI.) >> >> >> >> If 'yes' to any of the above, please provide detailed response. >> >> (Open cryptographic interface - A mechanism which is designed to allow > a >> customer or other party to insert cryptographic functionality without >> the intervention, help or assistance of the manufacturer or its agents >> (i.e., manufacturer's signing of cryptographic code or proprietary >> interfaces). If the cryptographic interface implements a fixed set of >> cryptographic algorithms, key lengths or key exchange management >> systems, that cannot be changed, it will not be considered an "open" >> cryptographic interface. All general application programming > interfaces >> (i.e., those that accept either a cryptographic or non-cryptographic >> interface, but do not themselves maintain any cryptographic >> functionality) will not be considered "open" cryptographic interfaces >> either.) >> >> Please let me know if you have any questions for me and many thanks in >> advance for your assistance. >> >> >> >> Regards, >> >> Erin >> >> >> >> Erin Clark >> >> Export Compliance Manager >> >> ________________________________ >> >> Sandler & Travis Trade Advisory Services, Inc. >> >> >> >> |phone 248.699.1588 | cell 619.997.4197 | fax 619.330.2336 | Web >> > <http://webmail.sttasonline.com/exchweb/bin/redir.asp?URL=http://www.str >> trade.com/> | eMail <mailto:[email protected]> | >> >> >> >> This is a transmission from Sandler & Travis Trade Advisory Services, >> Inc. and is solely for the use of the intended addressee. It may > contain >> information which is confidential and subject to attorney client >> privilege. If you are not the intended recipient, please e-mail the >> sender and destroy all copies of this message and any attachment. Any >> unauthorized use of the contents of the message or attachments is >> strictly prohibited. >> >> >> >> P PLEASE CONSIDER THE ENVIRONMENT BEFORE PRINTING >> >> >> >> > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
