[
https://issues.apache.org/jira/browse/TIKA-118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12562822#action_12562822
]
Jukka Zitting commented on TIKA-118:
------------------------------------
The "Handling Cryptography within an Apache Release" guide
(http://www.apache.org/dev/crypto.html) lists the following four steps to
satisfy the export control requirements:
1. Check the Export Control Classification Number (ECCN).
2. Update the Exports Page with Source Links.
3. Notify the U.S. Government of the new code.
4. Inform users with a crypto notice in the distribution's README and download
pages.
I have completed these steps as follows:
1. Apache Tika is designed (through PDFBox) to use the Bouncy Castle (another
ECCN 5D002 product) libraries for extracting text content and metadata from
encrypted PDF documents. Thus the cryptographic functionality meets the
definition of ECCN 5D002.
2. Apache Tika is listed in http://www.apache.org/licenses/exports/
3. The U.S. Government has been notified (cc tika-dev@, see
http://markmail.org/message/fwzekguknsg4tgfh)
4. I've updated the README file with the crypto notice (see
http://svn.apache.org/viewvc?view=rev&revision=615409)
The only thing still missing is to add the crypto notice also to a Tika
download page for the upcoming 0.2-incubating release.
> Bouncycastle binaries requires US exports regulation compliance
> ---------------------------------------------------------------
>
> Key: TIKA-118
> URL: https://issues.apache.org/jira/browse/TIKA-118
> Project: Tika
> Issue Type: Task
> Affects Versions: 0.2-incubating
> Reporter: Bertrand Delacretaz
> Assignee: Jukka Zitting
> Fix For: 0.2-incubating
>
>
> See http://markmail.org/message/jduwmahz7nfcrzw6 , we need to take care of
> some US export regulations paperworks before shipping the binary package
> created in TIKA-115.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
