In the bouncy castle website, they refer to their ftp website for previous releases. The corresponding ftp location for the version we are using would be: ftp://ftp.bouncycastle.org/pub/release1.55/bcprov-jdk15on-155.jar ftp://ftp.bouncycastle.org/pub/release1.55/bcprov-jdk15on-155.jar
Andrews. On Mon, Sep 25, 2017 at 3:27 PM, Matteo Merli <mme...@apache.org> wrote: > The exact BouncyCastle JAR that is going to be fetched during the build > would be : > > http://repo2.maven.org/maven2/org/bouncycastle/bcpkix-jdk15on/1.55/bcpkix-jdk15on-1.55.jar > > And for Pulsar source code, should we just list the git repo at > https://github.com/apache/incubator-pulsar ? > > > > > On Mon, Sep 25, 2017 at 1:32 PM Dave Fisher <dave2w...@comcast.net> wrote: > >> Hi Joe, >> >> I can help submit the form to the government and make the changes to the >> ECCN pageā¦ >> >> To make the update I need to know the hrefs below: >> >> <Product> >> <Name>Apache Pulsar</Name> >> <Version> >> <Names>Versions 1.20 and greater</Names> >> <ECCN>5D002</ECCN> >> <ControlledSource href="https://pulsar trunk"> >> <Manufacturer>ASF</Manufacturer> >> <Why> >> Designed for use with the Bouncy Castle enryption libraries. >> </Why> >> </ControlledSource> >> <ControlledSource href="https://path.to.pulsars.bouncy-castle.jar";> >> <Manufacturer>Bouncy Castle</Manufacturer> >> <Why>General-purpose encryption library</Why> >> </ControlledSource> >> </Version> >> </Product> >> >> Regards, >> Dave >> >> >> On Sep 21, 2017, at 7:54 PM, Dave Fisher <dave2w...@comcast.net> wrote: >> >> Hi Joe, >> >> This is a good catch. I am traveling this week and can help with the >> filing on Monday unless one of the other mentors can do so tomorrow. >> >> Regards, >> Dave >> >> Sent from my iPhone >> >> On Sep 21, 2017, at 8:36 PM, Joe F <joefranc...@gmail.com> wrote: >> >> Hi Mentors, >> >> As I was going through the license verification for the next release >> (1.20) , I happened to see this >> http://www.apache.org/licenses/exports/ (which I'm calling the export >> license page) >> >> Pulsar 1.20 release introduces encryption (as an optional feature), and it >> uses Bouncycastle, and we were planning on including the Bouncy* jars in >> the binary. >> >> Many Apache projects using Bouncycastle as listed on the export license >> page. Do we need to list it Pulsar on the export license page now? If so, >> how do we get it into there? >> >> Or should we just remove the BouncyCastle jars from the distribution and >> leave it optional, letting users install it if needed? Users will need >> to install it for building Pulsar from source. They wont need it for >> running Pulsar, unless they use encryption. >> >> What's the guidance on this? >> >> Cheers, >> Joe >> >> >> >> -- > Matteo Merli > <mme...@apache.org>
