背景
最近 Google 中止与华为业务往来的事情引起了轩然大波。关于开源是否也受美国出口管制的问题在各大技术群中被频繁提问,网络上也出现了《够狠!Github:开源代码也受美国出口管制》、《开源界也要注意,Apache 基金会与 GitHub 都受美国法律约束》等耸人听闻的标题,甚至有人称 ”开源已死“。看到一些朋友和媒体纷纷阅读转发,不明真相的小编决定寻找一些比较官方和权威的说法看看事实是否如此,顺便给大家甄选鉴别,也希望大家在看到此类文章的时候,不要轻信和疯狂转发,先经过自身聪明才智鉴别过后再决定转发与否。
Apache 基金会怎么说?
由于事情强烈发酵,有开源人士联系了 Apache 董事会,Apache 董事会最近也发表了声明,标题为《Statement by The Apache Software Foundation regarding US Federal Register Notice of non-US affiliates added to Entity List Ruling》
框框内上下滑动可查看全文
Statement by The Apache Software Foundation regarding US Federal Register Notice of non-US affiliates added to Entity List Ruling
Restrictions on exports and reexports to parties named on Entity List specifically apply to activities and transactions subject to the Export Administration Regulation (EAR). [1] Open Source publicly available encryption software source code, as reclassified by the US Department of Commerce, Bureau of Industry and Security (BIS) effective September 20, 2016, is "publicly available" and "published" and is not "subject to the EAR." [2]
Open Source projects involving encryption software source code are still required to send a notice of the URL to BIS and NSA to satisfy the "publicly available" notice requirement in EAR § 742.15(b).
The ASF continues to work with Apache projects and their communities to ensure their notices are up to date and are maintained in the future.[3]
Open Source software, collaboration on Open Source code, attending open telephonic or in person meetings, and providing sponsorship funds are all activities that are not subject to the EAR and therefore should have no impact on our communities.
For more information, visit http://apache.org/foundation/license-faq.html
Roman Shaposhnik
ASF Vice President Legal Affairs
We thank DLA Piper and The Linux Foundation for their legal counsel and collaboration regarding this subject.
[1] https://www.bis.doc.gov/index.php/documents/regulations-docs/2395-effective-date-of-huawei-and-affiliates-entity-list-rule
[2] 81 Fed. Reg. 64656, 64668 (September 20, 2016). See also, https://www.bis.doc.gov/index.php/policy-guidance/encryption/223-new-encryption
[3] https://www.apache.org/licenses/exports/
原文链接:https://blogs.apache.org/foundation/entry/statement-by-the-apache-software?from=timeline&isappinstalled=0
以下是译文
框框内上下滑动可查看全文
Apache 软件基金会关于美国联邦对非美国隶属的实体添加到实体名单规则的声明
出口和再出口对实体清单上指定的各方的限制只适用于受出口管理条例(EAR )约束的活动和交易。[1]开源公开可及的加密 软件源代码,由美国商务部,工业和安全局(BIS)于 2016年9月 20日生效,属于“ 公开可及” 和“已 发布”,并且不受 “EAR ”限制。[2]
涉及加密软件源代码的开源项目仍然需要向 BIS 和 NSA 发送声明 URL 通知,以 满足EAR§742.15(b)中的 “公开可及”通知要求。
ASF 继续与 Apache 项目及其社区合作,以确保他们的通知是最新的,并在将来得到维护。[3]
开源软件,开源代码协作,参加开放式电话会议或现场会议以及提供赞助资金都是不受 EAR 约束的活动,因此不应对我们的社区产生影响。
有关更多信息,请访问 http://apache.org/foundation/license-faq.html
Roman Shaposhnik
ASF 法律事务副总裁
We thank DLA Piper and The Linux Foundation for their legal counsel and collaboration regarding this subject.
[1] https://www.bis.doc.gov/index.php/documents/regulations-docs/2395-effective-date-of-huawei-and-affiliates-entity-list-rule
[2] 81 Fed. Reg. 64656, 64668 (September 20, 2016). See also, https://www.bis.doc.gov/index.php/policy-guidance/encryption/223-new-encryption
[3] https://www.apache.org/licenses/exports/
开源人士怎么说?
最近经常被人问 SkyWalking 和其他 Apache 项目是否受到影响。一直没有太多正面回应,因为在和 Apache Board 沟通,并等待官方声明。
全文如下,简单说来,目前来说,没有直接影响,开源依然可以自由使用。
吴晟 开源项目 SkyWalking 创始人,PPMC 及 Committer,开源项目 Zipkin Mentor
看完 Apache 的声明,你是否觉得开源会受到美国出口限制?评论发表你的看法吧!
