Is Tika ITAR Compliant?

[Mississippi Brennan <MB...@blueorigin.com>]

Hello,


I was developing a bit with Tika and wondered if you could tell me if it is compliant with International Traffic in Arms Regulations (ITAR?).


Thank you,


Mississippi

Re: [EXTERNAL] Re: Is Tika ITAR Compliant?

[Mississippi Brennan <MB...@blueorigin.com>]

?Thanks Tim!

________________________________
From: Tim Allison <ta...@apache.org>
Sent: Tuesday, December 10, 2019 7:38 AM
To: <de...@tika.apache.org>
Cc: Mississippi Brennan
Subject: [EXTERNAL] Re: Is Tika ITAR Compliant?

I'm not a lawyer, the following is not legal advice, and I may be mixing apples (ITAR) with oranges (EAR).  In my understanding, the only export concerns we _might_ have is dual-use cryptography, for which we rely on bouncy castle.

If you go to bouncycastle's wiki (http://bouncycastle.org/wiki/display/JA1/Frequently+Asked+Questions<https://urldefense.proofpoint.com/v2/url?u=http-3A__bouncycastle.org_wiki_display_JA1_Frequently-2BAsked-2BQuestions&d=DwMFaQ&c=oabj6cKx-cayrvsTA0R67S_f77lckZDNuNOZqiS4cjA&r=BR5emMfR2i-RuN_CVt-oz3Kasho6qLFp0_v9Doh4UzE&m=aJF0gkY3-em0bczu_WjZ_eQBGwVDSepqMbOFzxo6ZuY&s=BquGA7ZRyCJ586IL9CJLp1VU4Q7TogKgmCLEOv1qhIA&e=>) and scroll to #11, the ECCN is now 5D992.c. In short, in my non-legal opinion, you should be good, but check with your lawyers.

On Mon, Dec 9, 2019 at 5:37 PM Tom Barber <to...@spicule.co.uk>> wrote:
Just musing, could anything open source be non ITAR compliant?

Either way, I don't believe the ASF would ever host a project that wasn't
ITAR compliant, that would strike me as weird.

On 9 December 2019 at 13:05:02, Mississippi Brennan (mbrennan@blueorigin.com<ma...@blueorigin.com>)
wrote:

Hello,


I was developing a bit with Tika and wondered if you could tell me if it is
compliant with International Traffic in Arms Regulations (ITAR?).


Thank you,


Mississippi

--


Spicule Limited is registered in England & Wales. Company Number:
09954122. Registered office: First Floor, Telecom House, 125-135 Preston
Road, Brighton, England, BN1 6AF. VAT No. 251478891.




All engagements
are subject to Spicule Terms and Conditions of Business. This email and its
contents are intended solely for the individual to whom it is addressed and
may contain information that is confidential, privileged or otherwise
protected from disclosure, distributing or copying. Any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Spicule Limited. The company accepts no
liability for any damage caused by any virus transmitted by this email. If
you have received this message in error, please notify us immediately by
reply email before deleting it from your system. Service of legal notice
cannot be effected on Spicule Limited by email.

Re: Is Tika ITAR Compliant?

[Tim Allison <ta...@apache.org>]

I'm not a lawyer, the following is not legal advice, and I may be mixing
apples (ITAR) with oranges (EAR).  In my understanding, the only export
concerns we _might_ have is dual-use cryptography, for which we rely on
bouncy castle.

If you go to bouncycastle's wiki (
http://bouncycastle.org/wiki/display/JA1/Frequently+Asked+Questions) and
scroll to #11, the ECCN is now 5D992.c. In short, in my non-legal opinion,
you should be good, but check with your lawyers.

On Mon, Dec 9, 2019 at 5:37 PM Tom Barber <to...@spicule.co.uk> wrote:

> Just musing, could anything open source be non ITAR compliant?
>
> Either way, I don’t believe the ASF would ever host a project that wasn’t
> ITAR compliant, that would strike me as weird.
>
> On 9 December 2019 at 13:05:02, Mississippi Brennan (
> mbrennan@blueorigin.com)
> wrote:
>
> Hello,
>
>
> I was developing a bit with Tika and wondered if you could tell me if it is
> compliant with International Traffic in Arms Regulations (ITAR?).
>
>
> Thank you,
>
>
> Mississippi
>
> --
>
>
> Spicule Limited is registered in England & Wales. Company Number:
> 09954122. Registered office: First Floor, Telecom House, 125-135 Preston
> Road, Brighton, England, BN1 6AF. VAT No. 251478891.
>
>
>
>
> All engagements
> are subject to Spicule Terms and Conditions of Business. This email and
> its
> contents are intended solely for the individual to whom it is addressed
> and
> may contain information that is confidential, privileged or otherwise
> protected from disclosure, distributing or copying. Any views or opinions
> presented in this email are solely those of the author and do not
> necessarily represent those of Spicule Limited. The company accepts no
> liability for any damage caused by any virus transmitted by this email. If
> you have received this message in error, please notify us immediately by
> reply email before deleting it from your system. Service of legal notice
> cannot be effected on Spicule Limited by email.
>

Re: Is Tika ITAR Compliant?

[Tom Barber <to...@spicule.co.uk>]

Just musing, could anything open source be non ITAR compliant?

Either way, I don’t believe the ASF would ever host a project that wasn’t
ITAR compliant, that would strike me as weird.

On 9 December 2019 at 13:05:02, Mississippi Brennan (mbrennan@blueorigin.com)
wrote:

Hello,


I was developing a bit with Tika and wondered if you could tell me if it is
compliant with International Traffic in Arms Regulations (ITAR?).


Thank you,


Mississippi

-- 


Spicule Limited is registered in England & Wales. Company Number: 
09954122. Registered office: First Floor, Telecom House, 125-135 Preston 
Road, Brighton, England, BN1 6AF. VAT No. 251478891.




All engagements 
are subject to Spicule Terms and Conditions of Business. This email and its 
contents are intended solely for the individual to whom it is addressed and 
may contain information that is confidential, privileged or otherwise 
protected from disclosure, distributing or copying. Any views or opinions 
presented in this email are solely those of the author and do not 
necessarily represent those of Spicule Limited. The company accepts no 
liability for any damage caused by any virus transmitted by this email. If 
you have received this message in error, please notify us immediately by 
reply email before deleting it from your system. Service of legal notice 
cannot be effected on Spicule Limited by email.