Hi Joe, This is a good catch. I am traveling this week and can help with the filing on Monday unless one of the other mentors can do so tomorrow.
Regards, Dave Sent from my iPhone > On Sep 21, 2017, at 8:36 PM, Joe F <joefranc...@gmail.com> wrote: > > Hi Mentors, > > As I was going through the license verification for the next release > (1.20) , I happened to see this > http://www.apache.org/licenses/exports/ (which I'm calling the export > license page) > > Pulsar 1.20 release introduces encryption (as an optional feature), and it > uses Bouncycastle, and we were planning on including the Bouncy* jars in > the binary. > > Many Apache projects using Bouncycastle as listed on the export license > page. Do we need to list it Pulsar on the export license page now? If so, > how do we get it into there? > > Or should we just remove the BouncyCastle jars from the distribution and > leave it optional, letting users install it if needed? Users will need > to install it for building Pulsar from source. They wont need it for > running Pulsar, unless they use encryption. > > What's the guidance on this? > > Cheers, > Joe