[GNU Crypto] Re: [kaffe] missing features needed for HSQLDB 1.7.2
rsdio at metastatic.org
Wed Aug 13 18:08:02 PDT 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, Aug 13, 2003 at 03:46:53PM +0200, Dalibor Topic wrote:
> >>javax.net.ssl.* is a different beast altogether. I'm afraid that there
> >>is no free software implementation of this API, but I hope the Gnu
> >>Crypto developers may know more. So I've cc:ed them in this mail.
> >Your wish is my command ;)
> Hear, hear, thou bringst good news! ;)
> >I have been working on this very package, right now called Jessie:
> ><http://metastatic.org/source/jessie/>. The status now is that the
> >javax.net.ssl classes are implemented and may be complete, but the
> >actual SSL implementations have only just begun.
> >The code is targeted at Classpath (it requires classes in the
> >gnu.java.security package) and will likely use GNU Crypto for its crypto
> >algs (in which case it will have to wait until we get RSA and DH).
> That's O.K. for us, as we're gradually merging in more and more bits
> from GNU classpath into kaffe. I would be interested in merging it in
> into kaffe's class library, since it's part of Java 1.4 (and Ito needs
> it), but I have a few questions:
> * What is the license of the code, i.e. is it GPL compatible?
Yes, it is GPL+exception, same as Classpath.
> * What are the legal implications, i.e. does it count as crypto
> ammunition, or is it legally safe to distribute the code from the
> states? I'm not well informaed about the state of things with respect to
> US crypto export regulations, so I'd appreciate information on that.
I don't recall too many of the specifics of the current US export
policies (I did read them once -- ick) but I think that only code that
can actually perform encryption (e.g. a cipher) with a large key length
is subject to export control. Thus Jessie probably isn't covered by
these restrictions, since it contains no ciphers itself.
I *think* the situation is different if the software is freely
available with source code, which puts it under some exemption and
therefore can be exported (that is now, however. Who knows what our
friendly DHS will do in coming years...). See
<http://www.bxa.doc.gov/Encryption/EncFactSheet6_17_02.html>, last item
on the page.
Casey Marshall || rsdio at metastatic.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the kaffe