summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoy T. Fielding <fielding@apache.org>2006-12-24 23:54:49 +0100
committerRoy T. Fielding <fielding@apache.org>2006-12-24 23:54:49 +0100
commit73819c82155a5022fe89c22484c69d45313c5255 (patch)
tree9eb237d117bba50a4dfafa4ccb15a1c7551f96a6
parentCompile mod_authn_core on Win32. (The authz-dev branch forgot to add this.) (diff)
downloadapache2-73819c82155a5022fe89c22484c69d45313c5255.tar.xz
apache2-73819c82155a5022fe89c22484c69d45313c5255.zip
Follow Garrett's example and provide a crypto notice in the README,
with specific details for removing the crypto and for nossl packages. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@490083 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--README50
1 files changed, 50 insertions, 0 deletions
diff --git a/README b/README
index 4fe212aa00..3fa3fe50bb 100644
--- a/README
+++ b/README
@@ -37,6 +37,56 @@
Please see the file called LICENSE.
+ Cryptographic Software Notice
+ -----------------------------
+
+ This distribution may include software that has been designed for use
+ with cryptographic software. The country in which you currently reside
+ may have restrictions on the import, possession, use, and/or re-export
+ to another country, of encryption software. BEFORE using any encryption
+ software, please check your country's laws, regulations and policies
+ concerning the import, possession, or use, and re-export of encryption
+ software, to see if this is permitted. See <http://www.wassenaar.org/>
+ for more information.
+
+ The U.S. Government Department of Commerce, Bureau of Industry and
+ Security (BIS), has classified this software as Export Commodity
+ Control Number (ECCN) 5D002.C.1, which includes information security
+ software using or performing cryptographic functions with asymmetric
+ algorithms. The form and manner of this Apache Software Foundation
+ distribution makes it eligible for export under the License Exception
+ ENC Technology Software Unrestricted (TSU) exception (see the BIS
+ Export Administration Regulations, Section 740.13) for both object
+ code and source code.
+
+ The following provides more details on the included files that
+ may be subject to export controls on cryptographic software:
+
+ Apache httpd 2.0 and later versions include the mod_ssl module under
+ modules/ssl/
+ for configuring and listening to connections over SSL encrypted
+ network sockets by performing calls to a general-purpose encryption
+ library, such as OpenSSL or the operating system's platform-specific
+ SSL facilities.
+
+ In addition, some versions of apr-util provide an abstract interface
+ for SSL encrypted network sockets in the files under the directory
+ srclib/apr-util/ssl/
+ that makes use of a general-purpose encryption library, such as
+ OpenSSL or the operating system's platform-specific SSL facilities.
+ Apache httpd currently does not use that apr-util interface.
+
+ Some object code distributions of Apache httpd, indicated with the
+ word "crypto" in the package name, may include object code for the
+ OpenSSL encryption library as distributed in open source form from
+ <http://www.openssl.org/source/>.
+
+ The above files are optional and may be removed if the cryptographic
+ functionality is not desired or needs to be excluded from redistribution.
+ Distribution packages of Apache httpd that include the word "nossl"
+ in the package name have been created without the above files and are
+ therefore not subject to this notice.
+
Contacts
--------