According to the license, the code has the following copyright:
"Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc. All rights reserved"
-- http://shibboleth.internet2.edu/license.html
Do we have some indication from them that they are willing to transfer copyright to the ASF?
Yup - and the people involved are aware of the relevant form to provide copyright to the ASF. Having said that this is one reason this would need to go through the incubator.
And just to be picky:
"..subject to The ASF signing a form indicating that the Foundation understands the US export control requirements and agrees to abide by them."
Does this imply we need "I'm not a terrorist, honest" checkboxes on the download page, like Sun has? If so, we'll need to ensure it isn't mirrored. Anyway, hope whoever signs the form is more enlightened on these matters than me :)
We've been through a lot of this with xml-security already, as we are implementing encryption functionality in those libraries. So the thinking at the moment is the same requirements would be in place (notification of BIS etc.)
Given this is "publically available" source code, the requirement for active checking on web sites is not active. However, were we to directly send the code to a part of the world that is controlled, we would need to apply for an export permit.
http://www.bxa.doc.gov/Encryption/Q&A18oct.htm#24
Cheers, Berin
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
