Yes, as per http://www.apache.org/dev/crypto.html --
The code falls under ECCN 5D002, so we are good there. We need to: (1) Notify the USG via the sending the specified email (2) Add a README containing the crypto -- Do we have to go through the entire voting process again internally since we are adding a file to the source release? (3) Edit the export list to add Pirk here http://www.apache.org/licenses/exports/ -- Who (of our PPMC) has access to edit the page? I don't think that I do as it says that anyone with 'site-dev karma' can edit and, as far as I know, I don't have site-dev karma. On Wed, Aug 24, 2016 at 8:15 PM, Suneel Marthi <[email protected]> wrote: > On Wed, Aug 24, 2016 at 8:13 PM, Ellison Anne Williams < > [email protected]> wrote: > > > Got it - will take care of it tonight/in the morning and report back to > > general@incubator > > > > I'd better notify the USG of the crypto - lol :) > > > > That's the part that had me laughing, all of this source code came out of > USG and we are being told to check with USG again. > > At the very least we may need to add Pirk to the list of exports - (4), for > Justin to reverse his -1 > > > > On Wed, Aug 24, 2016 at 8:00 PM, Suneel Marthi <[email protected]> > > wrote: > > > > > Fyi folks > > > > > > > > > ---------- Forwarded message ---------- > > > From: Justin Mclean <[email protected]> > > > Date: Wed, Aug 24, 2016 at 7:48 PM > > > Subject: Re: [VOTE] Apache Pirk 0.1.0-incubating Release > > > To: [email protected] > > > > > > > > > Hi, > > > > > > -1 binding, willing to change my vote if encryption code issue > clarified. > > > > > > > The artifacts can be downloaded here: https://repository.apache.org/ > > > content/ > > > > repositories/orgapachepirk-1002 > > > > > > Please place the artefacts in the correct place [1] That that releases > > MUST > > > be placed in the list area and that maven is considered a secondary > > > channel. > > > > > > I checked: > > > - name included incubating > > > - signature and hashes good > > > - DISCLAIMER exists > > > - LICENSE and NOTICE good > > > - No unexpected binary files in release > > > - Can compile from source > > > > > > I see that the release looks to contains encryption source code [2] > > > (Paillier) [5], if so has this process been followed? [3] I can't see > > Prik > > > listed here [4]. > > > > > > Just out of interest why the “wideskies” in the class path name? > > > > > > Thanks, > > > Justin > > > > > > 1. https://dist.apache.org/repos/dist/dev/incubator/pirk/ > > > 2. ./src/main/java/org/apache/pirk/encryption/ > > > 3. http://www.apache.org/dev/crypto.html > > > 4. http://www.apache.org/licenses/exports/ > > > 5. https://en.wikipedia.org/wiki/Paillier_cryptosystem > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [email protected] > > > For additional commands, e-mail: [email protected] > > > > > >
