Binary mod_ssl in httpd win32 binary?

[Issac Goldstand <ma...@beamartyr.net>]

Hi all,
  Apologies if this isn't the proper forum for this question (as I've a
feeling that this is more an OpenSSL issue than an Apache issue), but does
anyone here know offhand why the win32 binary distribution of httpd-2.0
doesn't include mod_ssl/openssl?  I'm sure it's something fairly obvious,
and would be very happy if someone could point me at whatever license /
export restriction / whatever that prevents it.

Thanks!
  Issac


---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: ASF-wide crypto policies

[Justin Erenkrantz <ju...@erenkrantz.com>]

On Tue, Aug 02, 2005 at 11:42:14AM -0400, Noel J. Bergman wrote:
> > Most of what is archived will probably be replaced by the new ASF-wide
> > crypto policies anyways.
> 
> What is the status?  Right now, AUIU, we cannot cut a release of JAMES until the BXA issues are addressed, due to the presence of S/MIME support in the code.  I'd like to get this block resolved ASAP.

It's on the legal to-do list after we clear out the LGPL & MPL issues.

I've posted to the board the list of questions I'd like to see answered with
respect to BXA.  If you'd like to run point with our counsel to see that we
get answers earlier, I'm sure Cliff wouldn't mind the assist.  -- justin

---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

ASF-wide crypto policies

["Noel J. Bergman" <no...@devtech.com>]

> Most of what is archived will probably be replaced by the new ASF-wide
> crypto policies anyways.

What is the status?  Right now, AUIU, we cannot cut a release of JAMES until the BXA issues are addressed, due to the presence of S/MIME support in the code.  I'd like to get this block resolved ASAP.

	--- Noel

bcc: JAMES PMC (reply back on legal-discuss)


---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: Binary mod_ssl in httpd win32 binary?

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Issac,

   yes I suppose it's off topic, since this is already delegated to an
ASF board committee, but in short we have a few fundemental questions;

  * Will the ASF redistribute crypto code? (OpenSSL is most certainly not
    our project, although we are quite friendly with that project.)

  * What policy will we use for tracking crypto code throughout the ASF,
    in order to ensure BXA compliance in an ever-shifting legal and
    political minefield?  (Right now, things have been done helter
    skelter with some pieces in compliance but not sufficiently tracked,
    while others have been introduced without complying, and then
    promptly removed while this gets sorted out.)

Once these are answered, hopefully quite shortly, things will look up.

Note the ASF will never redistribute OpenSSL's infringing IP, so you
can expect mdc2, idea, rc5 etc will not be part of any binaries built
here in the states.  One observation; if the OpenSSL project ever got
it's act together with respect to distributing official libeay32.dll
and ssleay32.dll files (with the associated .lib and .pdb files to make
them useful) there is nothing stopping us today from redistributing the
mod_ssl.so built against these.  That still doesn't answer the question,
though, of whether or not we should be redistributing those two .dll's.

The legal committee (as opposed to this discussion forum) already has
this issue put to them, and should have resolutions soon.  Forgive me
for not quoting tons of links to the BXA website and previous discussion
about the issue; you can check the archives if you are quite interested.
Most of what is archived will probably be replaced by the new ASF-wide
crypto policies anyways.

Bill

Issac Goldstand wrote:
> Hi all,
>   Apologies if this isn't the proper forum for this question (as I've a
> feeling that this is more an OpenSSL issue than an Apache issue), but does
> anyone here know offhand why the win32 binary distribution of httpd-2.0
> doesn't include mod_ssl/openssl?  I'm sure it's something fairly obvious,
> and would be very happy if someone could point me at whatever license /
> export restriction / whatever that prevents it.
> 
> Thanks!
>   Issac
> 
> 
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only, are not privileged and do not constitute legal advice.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
> 
> 
> .
> 

---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org