Hi Joe, I can help submit the form to the government and make the changes to the ECCN pageā¦
To make the update I need to know the hrefs below: <Product> <Name>Apache Pulsar</Name> <Version> <Names>Versions 1.20 and greater</Names> <ECCN>5D002</ECCN> <ControlledSource href="https://pulsar <https://pulsar/> trunk"> <Manufacturer>ASF</Manufacturer> <Why> Designed for use with the Bouncy Castle enryption libraries. </Why> </ControlledSource> <ControlledSource href="https://path.to <https://path.to/>.pulsars.bouncy-castle.jar"> <Manufacturer>Bouncy Castle</Manufacturer> <Why>General-purpose encryption library</Why> </ControlledSource> </Version> </Product> Regards, Dave > On Sep 21, 2017, at 7:54 PM, Dave Fisher <dave2w...@comcast.net> wrote: > > Hi Joe, > > This is a good catch. I am traveling this week and can help with the filing > on Monday unless one of the other mentors can do so tomorrow. > > Regards, > Dave > > Sent from my iPhone > >> On Sep 21, 2017, at 8:36 PM, Joe F <joefranc...@gmail.com> wrote: >> >> Hi Mentors, >> >> As I was going through the license verification for the next release >> (1.20) , I happened to see this >> http://www.apache.org/licenses/exports/ (which I'm calling the export >> license page) >> >> Pulsar 1.20 release introduces encryption (as an optional feature), and it >> uses Bouncycastle, and we were planning on including the Bouncy* jars in >> the binary. >> >> Many Apache projects using Bouncycastle as listed on the export license >> page. Do we need to list it Pulsar on the export license page now? If so, >> how do we get it into there? >> >> Or should we just remove the BouncyCastle jars from the distribution and >> leave it optional, letting users install it if needed? Users will need >> to install it for building Pulsar from source. They wont need it for >> running Pulsar, unless they use encryption. >> >> What's the guidance on this? >> >> Cheers, >> Joe >
signature.asc
Description: Message signed with OpenPGP
