You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@dubbo.apache.org by Huxing Zhang <hu...@apache.org> on 2019/05/24 03:34:17 UTC
Regarding EAR on encryption software
Hi,
Recently ASF announced[1] a statement regarding US Federal Register
Notice of non-US affiliates added to Entity List Ruling. It says:
Open Source projects involving encryption software source code are
still required to send a notice of the URL to BIS and NSA to satisfy
the "publicly available" notice requirement in EAR § 742.15(b).
I want to make sure Dubbo does not involving encryption software.
Dubbo has integrated various external softwares which provide the
feature to encrypt software, for example:
- Netty
- Apache Tomcat
- Jetty
- jetcd
I checked the source on Dubbo, and did not found any code that
activates the encryption.
So basically I think it is safe here.
If you found any issues regarding encryption please let me know. We
need to send a notice to BIS and NSA.
[1] https://blogs.apache.org/foundation/entry/statement-by-the-apache-software
--
Best Regards!
Huxing