[
https://issues.apache.org/jira/browse/GEODE-25?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dick Cavender updated GEODE-25:
-------------------------------
Attachment:
ASF-ExportClassificationQuestionnaire-GemFireGemFireNativeClient8.2.0.pdf
We're unable to share the black duck scan results with ASF and these results
likely wouldn't provide the information that is being requested here anyway.
Since this source code has been around for years we've completed Export
Compliance certification on it as GemStone Systems, VMware and then again with
EMC and Pivotal.
We're providing the most recent Export Classification document for the last GA
version of the commercial product. The product was classified under ECCN 5D002
and eligible for export under License Exception ENC in accordance with Section
740.17(b)(1) of the EAR.
We provide this document in good faith that there isn't encryption in the
product that violates US laws while also knowing we must still follow the ASF
steps outlined on the ASF crypto page for the new open source product Apache
Geode and obtain a ECCN for it.
> Geode Cryptography Audit
> ------------------------
>
> Key: GEODE-25
> URL: https://issues.apache.org/jira/browse/GEODE-25
> Project: Geode
> Issue Type: Task
> Reporter: Niall Pemberton
> Assignee: Dick Cavender
> Attachments:
> ASF-ExportClassificationQuestionnaire-GemFireGemFireNativeClient8.2.0.pdf
>
>
> Review if there are any Cryptography issues with Geode:
> * See http://incubator.apache.org/guides/mentor.html#crypto-audit
> * See http://www.apache.org/dev/crypto.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
