oneAPI_course/data/eccn/eccnmatrix.yaml

eccnmatrix:
  - href: 'http://accumulo.apache.org/'
    name: Apache Accumulo Project
    contact: John Vines
    product:
      - name: Apache Accumulo Project
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/accumulo.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-137.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
          - version: 1.6.0 and on
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/accumulo.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-137.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
          - version: 1.5.x
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/accumulo.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
  - href: 'http://activemq.apache.org/'
    name: Apache ActiveMQ Project
    contact: Hiram Chirino
    product:
      - name: Apache ActiveMQ
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/activemq/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 4.1 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/activemq/apache-activemq'
                manufacturer: ASF
                why: designed for use with encryption library
      - name: Apache Camel
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/activemq/camel'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 1.0.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/activemq/apache-camel'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://ant.apache.org/'
    name: Apache Ant Project
    contact: Conor MacNeill
    product:
      - name: Apache Ant
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/ant/core/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
          - version: 1.1 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/ant/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
      - name: Apache Ivy
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/ant/ivy/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
          - version: 2.0.0-alpha-*-incubating
            eccn: 5D002
            source:
              - href: 'http://people.apache.org/dist/incubator/ivy/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
          - version: 2.0.0-alpha-*-incubating-bin-with-deps
            eccn: 5D002
            source:
              - href: 'http://people.apache.org/dist/incubator/ivy/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: provides encryption (SSH) library
          - version: 2.0.0-beta1-* and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/ant/ivy/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
          - version: 2.0.0-beta1-bin-with-deps and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/ant/ivy/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: provides encryption (SSH) library
  - href: 'https://aries.apache.org/'
    name: Apache Aries
    contact: Christian Schneider
    product:
      - name: Apache Aries RSA
        versions:
          - version: development and all releases
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/aries-rsa.git'
                manufacturer: ASF
                why: 'Designed for use with the Java SE Security, Jetty (uses SSL)'
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  Java SE Security including Java Cryptography Architecture,
                  Java Cryptography Extension library (JCE), Java Security
                  Architecture, Java Authentication and Authorization Service
                  (JAAS), Java Secure Sockets Extension (JSSE), Java GSS-API,
                  and Java SASL API
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)
  - href: 'http://cassandra.apache.org/'
    name: Apache Cassandra Project
    contact: Nate McCall
    product:
      - name: Apache Cassandra
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/cassandra.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General-purpose cryptography library included with OpenSSL
          - version: 0.8 and later
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/cassandra.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
  - href: 'http://cayenne.apache.org/'
    name: Apache Cayenne Project
    contact: Andrus Adamchik
    product:
      - name: Apache Cayenne
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/repos/asf/cayenne/main/trunk/cayenne-crypto/
                manufacturer: ASF
                why: designed for use with encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
          - version: 3.2.M2 and later
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/repos/asf/cayenne/main/trunk/cayenne-crypto/
                manufacturer: ASF
                why: designed for use with encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
  - href: 'http://commons.apache.org/sandbox/openpgp/'
    name: Apache Commons Project
    contact: Torsten Curdt
    product:
      - name: Apache Commons Compress
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/commons/proper/compress/trunk/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 1.6 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/commons/compress'
                manufacturer: ASF
                why: designed for use with encryption library
      - name: Apache Commons Crypto
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/commons-crypto.git'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: general-purpose cryptography library included with OpenSSL
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
          - version: 1.0.0 and later
            eccn: 5D002
            source:
              - href: 'https://www.apache.org/dist/commons/crypto/'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: general-purpose cryptography library included with OpenSSL
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
      - name: Apache Commons OpenPGP
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/commons/sandbox/openpgp/trunk/'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://couchdb.apache.org/'
    name: Apache CouchDB Project
    contact: Damien Katz
    product:
      - name: Apache CouchDB
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/couchdb/'
                manufacturer: ASF
                why: Includes a HTTP client with SSL functionality
          - version: 0.9.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/couchdb/'
                manufacturer: ASF
                why: Includes a HTTP client with SSL functionality
              - href: 'http://github.com/cmullaparthi/ibrowse/tree/master'
                manufacturer: ibrowse
                why: HTTP client with SSL functionality
  - href: 'http://cxf.apache.org/'
    name: Apache CXF Project
    contact: Dan Kulp
    product:
      - name: Apache CXF
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/cxf/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Apache XML Security Java API, WSS4J
                  and BouncyCastle crypto
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: >-
                  ftp://ftp.bouncycastle.org/pub/release1.36/bcprov-jdk14-136.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library API for Java 1.4.x
          - version: all 2.*
            eccn: 5D002
            source:
              - href: 'http://people.apache.org/dist/cxf/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Apache XML Security Java API, WSS4J
                  and BouncyCastle crypto
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: >-
                  ftp://ftp.bouncycastle.org/pub/release1.36/bcprov-jdk14-136.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library API for Java 1.4.x
          - version: all 2.*-incubating
            eccn: 5D002
            source:
              - href: 'http://people.apache.org/dist/incubator/cxf/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Apache XML Security Java API, WSS4J
                  and BouncyCastle crypto
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: >-
                  ftp://ftp.bouncycastle.org/pub/release1.36/bcprov-jdk14-136.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library API for Java 1.4.x
  - href: 'http://db.apache.org/derby/'
    name: Apache DB Project
    contact: Jean T. Anderson
    product:
      - name: Apache Derby
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/db/derby/code/'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
          - version: derby-10.*
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/db/derby/'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
      - name: Apache DdlUtils
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/db/ddlutils/'
                manufacturer: ASF
                why: 'Includes Apache Ant, which includes SSL functionality'
          - version: ddlutils-1.0 and higher
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/db/ddlutils/'
                manufacturer: ASF
                why: 'Includes Apache Ant, which includes SSL functionality'
      - name: Apache ObjectRelationalBridge - OJB
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/db/ojb/'
                manufacturer: ASF
                why: 'Includes Apache Ant, which includes SSL functionality'
          - version: ojb-1.0.0 and higher
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/db/ojb/'
                manufacturer: ASF
                why: 'Includes Apache Ant, which includes SSL functionality'
      - name: Apache Torque
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/db/torque/'
                manufacturer: ASF
                why: >-
                  The Torque Generator includes Apache Ant, which includes SSL
                  functionality
          - version: torque-3.1 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/db/torque/'
                manufacturer: ASF
                why: 'Includes Apache Ant, which includes SSL functionality'
  - href: 'http://directory.apache.org/'
    name: Apache Directory Project
    contact: Emmanuel Lecharny
    product:
      - name: Apache Directory Server
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/directory/apacheds'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
          - version: 1.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/directory/apacheds'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
          - version: 1.5 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/directory/apacheds'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk15-136.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
      - name: Apache Directory Studio
        versions:
          - version: 1.2 and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/directory/studio'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk15-136.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
  - href: 'http://drill.apache.org/'
    name: Apache Drill
    contact: Parth Chandra
    product:
      - name: Apache Drill
        versions:
          - version: 1.2 and later
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/drill.git'
                manufacturer: ASF
                why: >-
                  Designed for use with the Java SE Security, SASL, Kerberos,
                  and OpenSSL
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  Java SE Security including Java Cryptography Architecture,
                  Java Cryptography Extension library (JCE), Java Security
                  Architecture, Java Authentication and Authorization Service
                  (JAAS), Java Secure Sockets Extension (JSSE), Java GSS-API,
                  and Java SASL API
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)
              - href: 'https://www.cyrusimap.org/sasl/'
                manufacturer: The Cyrus SASL project
                why: General purpose SASL library
              - href: 'http://web.mit.edu/kerberos/'
                manufacturer: MIT
                why: General purpose Kerberos library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General purpose cryptography library included with OpenSSL
  - href: 'https://felix.apache.org/'
    name: Apache Felix
    contact: Karl Pauls
    product:
      - name: Apache Felix Http Jetty
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/felix-dev.git'
                manufacturer: ASF
                why: 'Designed for use with the Java SE Security, Jetty (uses SSL)'
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  Java SE Security including Java Cryptography Architecture,
                  Java Security Architecture, Java Authentication and
                  Authorization Service (JAAS), Java Secure Sockets Extension
                  (JSSE), Java GSS-API, and Java SASL API
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)
          - version: all releases
            eccn: 5D002
            source:
              - href: 'https://archive.apache.org/dist/felix/'
                manufacturer: ASF
                why: 'Designed for use with the Java SE Security, Jetty (uses SSL)'
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  Java SE Security including Java Cryptography Architecture
                  (JCA), Java Cryptography Extension library (JCE), Java
                  Security Architecture, Java Authentication and Authorization
                  Service (JAAS), Java Secure Sockets Extension (JSSE), Java
                  GSS-API, and Java SASL API
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)
  - href: 'http://forrest.apache.org/'
    name: Apache Forrest Project
    contact: David Crossley
    product:
      - name: Apache Forrest
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/forrest/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
          - version: apache-forrest-0.6 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/forrest/'
                manufacturer: ASF
                why: designed for use with encryption (SSH) library
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: provides encryption (SSH) library
  - href: 'http://geode.apache.org/'
    name: Apache Geode Project
    contact: Mark Bretl
    product:
      - name: Apache Geode
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/geode.git'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'https://git-wip-us.apache.org/repos/asf/geode-native.git'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'https://git-wip-us.apache.org/repos/asf/geode-examples.git'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE) and
                  Java Cryptography Extension (JCE)
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
          - version: all releases
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/geode.git'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'https://git-wip-us.apache.org/repos/asf/geode-native.git'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'https://git-wip-us.apache.org/repos/asf/geode-examples.git'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE) and
                  Java Cryptography Extension (JCE)
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
  - href: 'http://geronimo.apache.org/'
    name: Apache Geronimo Project
    contact: Matt Hogstrom
    product:
      - name: Apache Geronimo
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/geronimo/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 1.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/geronimo/'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://hadoop.apache.org/'
    name: Apache Hadoop Project
    contact: Owen O'Malley
    product:
      - name: Apache Hadoop
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/hadoop/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 17.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/hadoop/'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://harmony.apache.org/'
    name: Apache Harmony Project
    contact: Tim Ellison
    product:
      - name: Apache Harmony
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/harmony/'
                manufacturer: ASF
                why: implements the Java Cryptography Extension (JCE) API
          - version: 5.0M1 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/harmony/'
                manufacturer: ASF
                why: implements the Java Cryptography Extension (JCE) API
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-137.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
  - href: 'http://hawq.incubator.apache.org/'
    name: Apache HAWQ (incubating) Project
    contact: Roman Shaposhnik
    product:
      - name: Apache HAWQ (incubating) Project
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/incubator-hawq.git'
                manufacturer: ASF
                why: General-purpose encryption and digest code
  - href: 'https://hive.apache.org/'
    name: Apache Hive Project
    contact: Owen O'Malley
    product:
      - name: Apache Hive
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://github.com/apache/hive'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
          - version: 1.3.0 and on
            eccn: 5D002
            source:
              - href: 'https://github.com/apache/hive'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
  - href: 'http://hc.apache.org/'
    name: Apache HttpComponents Project
    contact: Erik Abele
    product:
      - name: Apache HttpComponents Core
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/httpcomponents/httpcore/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
          - version: 4.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpcomponents/httpcore/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
      - name: Apache HttpComponents Client
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/httpcomponents/httpclient/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
          - version: 4.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpcomponents/httpclient/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
          - version: '1.x, 2.x, 3.x'
            eccn: 5D002
            source:
              - href: >-
                  http://archive.apache.org/dist/httpcomponents/commons-httpclient/
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE) and
                  Java Cryptography Extension (JCE)
  - href: 'http://httpd.apache.org/'
    name: Apache HTTP Server Project
    contact: Roy T. Fielding
    product:
      - name: Apache HTTP Server
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/httpd/'
                manufacturer: ASF
                why: >-
                  mod_ssl designed for use with SSL library,
                  apr-util/mod_session_crypto designed for use with encryption
                  library
          - version: apache_1.3.x
            eccn: n/a
          - version: httpd-2.0.x
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpd/'
                manufacturer: ASF
                why: mod_ssl designed for use with SSL library
          - version: httpd-2.2.x
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpd/'
                manufacturer: ASF
                why: >-
                  mod_ssl module and apr-util/ssl designed for use with SSL
                  library
          - version: apache_2.2.x-win32-*-openssl-*
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpd/'
                manufacturer: ASF
                why: >-
                  mod_ssl module and apr-util/ssl designed for use with SSL
                  library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
          - version: httpd-2.4.x
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpd/'
                manufacturer: ASF
                why: >-
                  mod_ssl module designed for use with SSL library,
                  apr-util/mod_session_crypto designed for use with encryption
                  library
      - name: Apache Flood
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/httpd/test/flood/'
                manufacturer: ASF
                why: Designed for use with SSL library
          - version: flood-0.4
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpd/flood/'
                manufacturer: ASF
                why: Designed for use with SSL library
      - name: Apache libapreq
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/httpd/apreq/'
                manufacturer: ASF
                why: Designed for use with Apache httpd 2.x
          - version: libapreq2
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpd/libapreq/'
                manufacturer: ASF
                why: Designed for use with Apache httpd 2.x
          - version: libapreq
            eccn: n/a
      - name: Apache mod_ftp
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/httpd/mod_ftp/'
                manufacturer: ASF
                why: Designed for use with Apache httpd 2.x
      - name: Apache mod_python
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/httpd/mod_python/'
                manufacturer: ASF
                why: Designed for use with Apache httpd 2.x
          - version: mod_python-*
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/httpd/modpython/'
                manufacturer: ASF
                why: Designed for use with Apache httpd 2.x
  - href: 'http://incubator.apache.org/'
    name: Apache Incubator Project
    contact: Roman Shaposhnik
    product:
      - name: Apache Abdera
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/incubator/abdera/java/'
                manufacturer: ASF
                why: Designed for use with the Apache XML Security Java API
          - version: all 0.*-incubating
            eccn: 5D002
            source:
              - href: 'http://people.apache.org/dist/incubator/abdera/'
                manufacturer: ASF
                why: Designed for use with the Apache XML Security Java API
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-134.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk14-134.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.4.x
      - name: Apache Airavata
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/incubator/airavata/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Bouncy Castle, Puretls and Cryptix
                  enryption libraries.
              - href: >-
                  http://svn.apache.org/repos/asf/incubator/pdfbox/trunk/external/bcprov-jdk14-132.jar
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java
              - href: 'http://www.cryptix.org/'
                manufacturer: The Cryptix project
                why: Provides cryptography for Java platform
              - href: 'http://www.rtfm.com/puretls/'
                manufacturer: Claymore Systems Puretls
                why: Provides Java implementation of the SSLv3 and TLSv1 protocols
              - href: 'http://www.globus.org/security/overview.html'
                manufacturer: Globus Project
                why: Provides implementation of Grid Security Infrastructure (GSI)
      - name: Apache CloudStack
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://jasypt.svn.sourceforge.net/svnroot/jasypt/trunk'
                manufacturer: JaSypt.org
                why: Publicly available encryption library
              - href: 'https://code.launchpad.net/~mysql/mysql-server/trunk'
                manufacturer: Oracle
                why: Publicly available database encryption libraries
              - href: 'http://www.bouncycastle.org/download/'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java
              - href: 'http://svn.apache.org/repos/asf/webservices/wss4j/trunk/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://git.openswan.org/openswan.git'
                manufacturer: OpenSwan.org
                why: Designed for use with encryption library
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: provides encryption (SSH) library
              - href: >-
                  http://git-wip-us.apache.org/repos/asf/incubator-cloudstack.git
                manufacturer: ASF
                why: Makes use of publicly available encryption libraries
      - name: Apache Hop
        versions:
          - version: Development
            eccn: 5D002
            source:
              - href: 'https://github.com/apache/incubator-hop'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: all releases
            eccn: 5D002
            source:
              - href: 'https://archive.apache.org/dist/incubator/hop/'
                manufacturer: ASF
                why: designed for use with encryption library
      - name: Apache Impala
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/incubator-impala.git'
                manufacturer: ASF
                why: Designed for use with OpenSSL.
          - version: 2.7.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/incubator/impala'
                manufacturer: ASF
                why: Designed for use with OpenSSL.
      - name: Apache Milagro
        versions:
          - version: Development - C Library
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c.git
                manufacturer: ASF
                why: General purpose and Apache Milagro servers.
          - version: Development - JavaScript Library
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-js.git
                manufacturer: ASF
                why: General purpose and Apache Milagro servers.
          - version: Development - Rust Library
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-rust.git
                manufacturer: ASF
                why: General purpose and Apache Milagro servers.
          - version: Libraries and Servers 0.0.1 and later
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-milagro-dta.git
                manufacturer: ASF
                why: 'Milagro C, Rust and JavaScript Libraries and Milagro Servers'
      - name: Apache NiFi
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://jasypt.svn.sourceforge.net/svnroot/jasypt/trunk'
                manufacturer: JaSypt.org
                why: Publicly available encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  general-purpose cryptography library (JCE) and secure socket
                  (JSSE) included with Java
              - href: 'http://www.bouncycastle.org/download/'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: provides encryption (SSH) library
              - href: 'http://git-wip-us.apache.org/repos/asf/incubator-nifi.git'
                manufacturer: ASF
                why: Makes use of publicly available encryption libraries
          - version: 0.0.1-incubating and later
            eccn: 5D002
            source:
              - href: 'http://jasypt.svn.sourceforge.net/svnroot/jasypt/trunk'
                manufacturer: JaSypt.org
                why: Publicly available encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  general-purpose cryptography library (JCE) and secure socket
                  (JSSE) included with Java
              - href: 'http://www.bouncycastle.org/download/'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: provides encryption (SSH) library
              - href: 'http://git-wip-us.apache.org/repos/asf/incubator-nifi.git'
                manufacturer: ASF
                why: Makes use of publicly available encryption libraries
      - name: Apache PDFBox
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/incubator/pdfbox/trunk/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Java Cryptography Architecture (JCA)
                  and the Bouncy Castle enryption libraries.
              - href: >-
                  http://svn.apache.org/repos/asf/incubator/pdfbox/trunk/external/bcprov-jdk14-132.jar
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.4
              - href: >-
                  http://svn.apache.org/repos/asf/incubator/pdfbox/trunk/external/bcmail-jdk14-132.jar
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.4.x
      - name: Apache Pirk
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git1-us-west.apache.org/repos/asf?p=incubator-pirk.git'
                manufacturer: ASF
                why: Includes cryptographic software implementation
          - version: 0.1.0-incubating and later
            eccn: 5D002
            source:
              - href: 'https://dist.apache.org/repos/dist/dev/incubator/pirk/'
                manufacturer: ASF
                why: Includes cryptographic software implementation
      - name: Apache Pulsar
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://github.com/apache/incubator-pulsar'
                manufacturer: ASF
                why: Designed for use with the Bouncy Castle enryption libraries.
              - href: >-
                  ftp://ftp.bouncycastle.org/pub/release1.55/bcprov-jdk15on-155.jar
                manufacturer: Bouncy Castle
                why: General-purpose encryption library
          - version: 1.20-incubating and greater
            eccn: 5D002
            source:
              - href: 'https://github.com/apache/incubator-pulsar'
                manufacturer: ASF
                why: Designed for use with the Bouncy Castle enryption libraries.
              - href: >-
                  ftp://ftp.bouncycastle.org/pub/release1.55/bcprov-jdk15on-155.jar
                manufacturer: Bouncy Castle
                why: General-purpose encryption library
      - name: Apache Shindig
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/incubator/shindig/'
                manufacturer: ASF
                why: designed for use with encryption library
      - name: Apache Slider
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/incubator-slider.git'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: SSL library for Jetty
          - version: 0.30-incubating
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/incubator-slider.git'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
          - version: 0.40-incubating and later
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/incubator-slider.git'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: SSL library for Jetty
      - name: Apache Taverna
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-language.git
                manufacturer: ASF
                why: Designed for use with Apache HttpComponents
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-osgi.git
                manufacturer: ASF
                why: Designed for use with Apache HttpComponents
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-engine.git
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE),
                  Java Cryptography Extension (JCE), BouncyCastle crypto, Apache
                  Derby, Apache Taverna Language and Apache Taverna OSGi
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-common-activities.git
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE),
                  Jetty, Apache WSS4J, Apache XML Security for Java, Apache
                  HttpComponents and Apache Taverna Engine
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-commandline.git
                manufacturer: ASF
                why: >-
                  Designed for use with Apache WSS4J, Apache XML Security for
                  Java, Apache HttpComponents, BouncyCastle crypto, Apache
                  Taverna Engine and Apache Taverna Common Activities
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-server.git
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE),
                  Java Cryptography Extension (JCE), BouncyCastle crypto, Apache
                  CXF and Apache Taverna Command Line
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-workbench.git
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE) and
                  Apache Taverna Engine
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-workbench-common-activities.git
                manufacturer: ASF
                why: >-
                  Designed for use with Apache Taverna Workbench and Apache
                  Taverna Common Activities
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-workbench-product.git
                manufacturer: ASF
                why: >-
                  Builds distribution that includes Apache WSS4J, Apache XML
                  Security for Java, Apache HttpComponents and BouncyCastle
                  crypto
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-plugin-component.git
                manufacturer: ASF
                why: >-
                  Designed for use with Apache HttpComponents, Apache Taverna
                  Engine, Apache Taverna Common Activities
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-plugin-bioinformatics.git
                manufacturer: ASF
                why: Designed for use with Apache Taverna Engine
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-plugin-gis.git
                manufacturer: ASF
                why: >-
                  Designed for use with Apache Taverna Engine, Apache Taverna
                  Common Activities
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-mobile.git
                manufacturer: ASF
                why: >-
                  Designed for use with Android SDK https support, Dropbox
                  Android SDK and Apache HttpComponent
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-taverna-databundle-viewer.git
                manufacturer: ASF
                why: Designed for use with Ruby OpenSSL
              - href: 'http://bouncycastle.org/download/bcprov-jdk15on-154.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: SSL library for Jetty
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
              - href: 'http://www.apache.org/dist/santuario/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: >-
                  http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/
                manufacturer: ASF
                why: Implements XML Signature and Encryption specs
              - href: 'http://people.apache.org/dist/cxf/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Apache XML Security Java API, WSS4J
                  and BouncyCastle crypto
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: 'http://archive.apache.org/dist/db/derby/'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
              - href: 'https://www.dropbox.com/developers-v1/core/sdks/android'
                manufacturer: Dropbox
                why: >-
                  designed for use with Android SDK, adds a
                  SecureSSLSocketFactory
              - href: 'https://android.googlesource.com/'
                manufacturer: Google
                why: >-
                  includes encryption code adapted from OpenSSL, BouncyCastle,
                  BoringSSL
              - href: 'https://github.com/ruby/openssl'
                manufacturer: Ruby Programming Language
                why: designed for use with OpenSSL
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
          - version: all releases
            eccn: 5D002
            source:
              - href: 'https://archive.apache.org/dist/incubator/taverna/'
                manufacturer: ASF
                why: >-
                  Designed for use with Apache CXF, Apache WSS4J, Apache XML
                  Security for Java, Apache HttpComponents, Apache Derby,
                  BouncyCastle crypto, Jetty, Java Secure Socket Extension
                  (JSSE), Java Cryptography Extension (JCE)
              - href: 'http://bouncycastle.org/download/bcprov-jdk15on-154.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: SSL library for Jetty
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
              - href: 'http://www.apache.org/dist/santuario/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: >-
                  http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/
                manufacturer: ASF
                why: Implements XML Signature and Encryption specs
              - href: 'http://people.apache.org/dist/cxf/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Apache XML Security Java API, WSS4J
                  and BouncyCastle crypto
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: 'http://archive.apache.org/dist/db/derby/'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
              - href: 'https://www.dropbox.com/developers-v1/core/sdks/android'
                manufacturer: Dropbox
                why: >-
                  designed for use with Android SDK, adds a
                  SecureSSLSocketFactory
              - href: 'https://android.googlesource.com/'
                manufacturer: Google
                why: >-
                  includes encryption code adapted from OpenSSL, BouncyCastle,
                  BoringSSL
              - href: 'https://github.com/ruby/openssl'
                manufacturer: Ruby Programming Language
                why: designed for use with OpenSSL
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
      - name: Apache Trafodion
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf/incubator-trafodion.git
                manufacturer: ASF
                why: Designed for use with encryption libraries
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
          - version: all releases
            eccn: 5D002
            source:
              - href: 'https://archive.apache.org/dist/incubator/trafodion/'
                manufacturer: ASF
                why: Designed for use with encryption libraries
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: general-purpose cryptography library (JCE) included with Java
      - name: Apache Tuweni
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/incubator-tuweni.git'
                manufacturer: ASF
                why: Designed for use with encryption libraries
              - href: 'https://www.bouncycastle.org/download/bcprov-jdk15on-166.jar'
                manufacturer: Bouncy Castle
                why: general-purpose encryption library
              - href: 'https://www.bouncycastle.org/download/bcpkix-jdk15on-166.jar'
                manufacturer: Bouncy Castle
                why: >-
                  APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate
                  generation
          - version: all releases
            eccn: 5D002
            source:
              - href: 'https://archive.apache.org/dist/incubator/tuweni/'
                manufacturer: ASF
                why: Designed for use with encryption libraries
              - href: 'https://www.bouncycastle.org/download/bcprov-jdk15on-166.jar'
                manufacturer: Bouncy Castle
                why: general-purpose encryption library
              - href: 'https://www.bouncycastle.org/download/bcpkix-jdk15on-166.jar'
                manufacturer: Bouncy Castle
                why: >-
                  APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate
                  generation
      - name: Apache Whirr
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/incubator/whirr'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: all 0.*-incubating
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/incubator/whirr/'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk14-129.tar.gz'
                manufacturer: Bouncy Castle
                why: general-purpose encryption library
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: provides encryption (SSH) library
              - href: 'http://juliusdavies.ca/commons-ssl/'
                manufacturer: Not-Yet-Commons-SSL
                why: general-purpose encryption library
  - href: 'http://jakarta.apache.org/jmeter'
    name: Apache Jakarta JMeter Project
    contact: Martin van den Bemt
    product:
      - name: Apache Jakarta JMeter
        versions:
          - version: 1.0 and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/jakarta/jmeter/'
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE) and
                  Java Cryptography Extension (JCE)
  - href: 'http://james.apache.org/'
    name: Apache JAMES Project
    contact: Norman Maurer
    product:
      - name: Apache JAMES Server
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/james/server/'
                manufacturer: ASF
                why: includes bcmail encryption library
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk14-129.tar.gz'
                manufacturer: Bouncy Castle
                why: general-purpose encryption library
          - version: 2.3.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/james/server/source/'
                manufacturer: ASF
                why: includes bcmail encryption library
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk14-129.tar.gz'
                manufacturer: Bouncy Castle
                why: general-purpose encryption library
      - name: Apache JAMES jDKIM
        versions:
          - version: 0.1 and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/james/jdkim/'
                manufacturer: ASF
                why: Use crypto algorithm to sign and verify signatures
              - href: 'http://juliusdavies.ca/commons-ssl/'
                manufacturer: Not-Yet-Commons-SSL
                why: general-purpose encryption library
      - name: Apache JAMES Mailet Crypto
        versions:
          - version: 0.1 and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/james/mailet/trunk/crypto/'
                manufacturer: ASF
                why: Use crypto algorithm to sign and verify via SMIME
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk16-146.jar'
                manufacturer: Bouncy Castle
                why: general-purpose encryption library
      - name: Apache JAMES Mime4J
        versions:
          - version: 0.4 and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/james/mime4j/'
                manufacturer: ASF
                why: >-
                  Use crypto algorithm to crypt and uncrypt temporary stored
                  data for protection
  - href: 'http://jena.apache.org/'
    name: Apache Jena
    contact: Andy Seaborne
    product:
      - name: Apache Jena (distribution)
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  https://repository.apache.org/content/repositories/snapshots/org/apache/jena/
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
          - version: binary distribution
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/jena/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
              - href: >-
                  https://repository.apache.org/content/repositories/releases/org/apache/jena/
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
  - href: 'https://kafka.apache.org/'
    name: Apache Kafka Project
    contact: Rajini Sivaram
    product:
      - name: Apache Kafka
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf?p=kafka.git'
                manufacturer: ASF
                why: >-
                  Designed for use with built-in Java Secure Socket Extension
                  (JSSE), Java Generic Security Services (GSS-API) and Java
                  Cryptography Extension (JCE)
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  General-purpose Java Secure Socket Extension (JSSE), Java
                  Generic Security Services (GSS-API) and Java Cryptography
                  Extension (JCE)
          - version: 0.10.2 and later
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf?p=kafka.git'
                manufacturer: ASF
                why: >-
                  Designed for use with built-in Java Secure Socket Extension
                  (JSSE), Java Generic Security Services (GSS-API) and Java
                  Cryptography Extension (JCE)
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  General-purpose Java Secure Socket Extension (JSSE), Generic
                  Security Services (GSS-API) and Java Cryptography Extension
                  (JCE) included with Java
          - version: 0.9.0 and later
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf?p=kafka.git'
                manufacturer: ASF
                why: >-
                  Designed for use with built-in Java Secure Socket Extension
                  (JSSE) and Java Generic Security Services (GSS-API)
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: >-
                  General-purpose Java Secure Socket Extension (JSSE) and Java
                  Generic Security Services (GSS-API) included with Java
  - href: 'http://kudu.apache.org'
    name: Apache Kudu Project
    contact: Todd Lipcon
    product:
      - name: Apache Kudu
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/kudu.git'
                manufacturer: ASF
                why: >-
                  Designed for use with OpenSSL. Designed for use with Java SE
                  Security libraries including Java Secure Socket Extension
                  (JSSE), Java Generic Security Service (JGSS), and Java
                  Authentication and Authorization APIs (JAAS).
          - version: 1.1.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/kudu/'
                manufacturer: ASF
                why: >-
                  Designed for use with OpenSSL. Designed for use with Java SE
                  Security libraries including Java Secure Socket Extension
                  (JSSE), Java Generic Security Service (JGSS), and Java
                  Authentication and Authorization APIs (JAAS).
  - href: 'http://labs.apache.org'
    name: Apache Labs Project
    contact: Bernd Fondermann
    product:
      - name: Apache BaDCA
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/labs/badca/'
                manufacturer: ASF
                why: >-
                  BaDCA includes an interface to OpenSSL cryptographic functions
                  for use in creating CA's and signing certificates.
      - name: Apache Vysper
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/labs/vysper/'
                manufacturer: ASF
                why: Includes Bounty Castle bcprov encryption library
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk15-135.tar.gz'
                manufacturer: Bouncy Castle
                why: general-purpose encryption library
  - href: 'http://lucene.apache.org'
    name: Apache Lucene Project
    contact: Grant Ingersoll
    product:
      - name: Apache Nutch
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/lucene/nutch/trunk/'
                manufacturer: ASF
                why: >-
                  Designed for use with the PDFBox decrypt API in the parse-pdf
                  plugin
          - version: 0.7 and later
            eccn: 5D002
            source:
              - href: 'http://www.apache.org/dist/lucene/nutch/'
                manufacturer: ASF
                why: >-
                  Designed for use with the PDFBox decrypt API in the parse-pdf
                  plugin
              - href: >-
                  http://sourceforge.net/project/showfiles.php?group_id=78314&package_id=79377&release_id=454954
                manufacturer: PDFBox
                why: >-
                  PDFBox is a Java PDF Library. This project will allow access
                  to all of the components in a PDF document. More PDF
                  manipulation features will be added as the project matures.
                  This ships with a utility to take a PDF document and output a
                  text file.
      - name: Apache Solr
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/lucene/solr/trunk/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Apache Tika API in the
                  contrib/extraction libraries
          - version: 1.4 and later
            eccn: 5D002
            source:
              - href: 'http://www.apache.org/dist/lucene/solr/'
                manufacturer: ASF
                why: >-
                  Designed for use with the Apache Tika API in the
                  contrib/extraction libraries
              - href: 'http://svn.apache.org/repos/asf/lucene/tika/trunk/'
                manufacturer: Apache Tika
                why: >-
                  Apache Tika is a Java Content Extraction Library. This project
                  will allow access to all of the components in a PDF document.
      - name: Apache Tika
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/lucene/tika/trunk/'
                manufacturer: ASF
                why: Designed for use with the Bouncy Castle encryption libraries
          - version: 0.2-incubating and later
            eccn: 5D002
            source:
              - href: 'http://www.apache.org/dist/lucene/tika/'
                manufacturer: ASF
                why: Designed for use with the Bouncy Castle encryption libraries
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk14-136.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.4
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk14-136.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.4.x
  - href: 'http://myfaces.apache.org/'
    name: Apache MyFaces Project
    contact: Dennis Byrne
    product:
      - name: Apache MyFaces
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/myfaces/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 1.1.2 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/myfaces/'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://mynewt.apache.org/'
    name: Apache Mynewt (incubating) Project
    contact: Sterling Hughes
    product:
      - name: Apache Mynewt
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf?p=incubator-mynewt-core.git;a=tree;f=crypto/mbedtls;h=d5f6a7013f36a68d25b9232769a273e990278477;hb=HEAD
                manufacturer: ARM mbed
                why: >-
                  Uses open source mbed TLS for cryptographic and SSL/TLS
                  capabilities
              - href: >-
                  https://git-wip-us.apache.org/repos/asf?p=incubator-mynewt-core.git;a=tree;f=crypto/tinycrypt;h=13294d0db5cdf2b0e882839f8c204d7d2ddd3bd1;hb=HEAD
                manufacturer: TinyCrypt
                why: >-
                  Uses open source cryptography library with small footprint for
                  constrained devices.
              - href: >-
                  https://git-wip-us.apache.org/repos/asf?p=incubator-mynewt-core.git;a=tree;f=net/ip/lwip_base/src/netif/ppp/polarssl;h=47a41b927b1faff57e562b0dac21c82c040e8025;hb=HEAD
                manufacturer: PolarSSL
                why: >-
                  Uses lightweight open source crypto blocks for ARM and MIPS
                  architectures.
  - href: 'http://oltu.apache.org//'
    name: Apache Oltu Project
    contact: Antonio Sanso
    product:
      - name: Apache Oltu
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/oltu/'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://ofbiz.apache.org/'
    name: Apache Open For Business Project
    contact: David E. Jones
    product:
      - name: Apache Open For Business
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/ofbiz/trunk/'
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE) and
                  Java Cryptography Extension (JCE)
          - version: 4.0 release branch
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/ofbiz/branches/release4.0/'
                manufacturer: ASF
                why: >-
                  Designed for use with Java Secure Socket Extension (JSSE) and
                  Java Cryptography Extension (JCE)
  - href: 'http://openejb.apache.org/'
    name: Apache OpenEJB Project
    contact: David Blevins
    product:
      - name: Apache OpenEJB
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/openejb/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 1.0 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/openejb/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: All 0.x
            eccn: n/a
  - href: 'https://orc.apache.org/'
    name: Apache ORC Project
    contact: Owen O'Malley
    product:
      - name: Apache ORC
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://github.com/apache/orc'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
          - version: 1.6.0 and on
            eccn: 5D002
            source:
              - href: 'https://github.com/apache/orc'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
  - href: 'http://perl.apache.org/'
    name: Apache Perl Project
    contact: Geoffrey Young
    product:
      - name: mod_perl
        versions:
          - version: Perl-*-win32-bin-*.exe
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/perl/win32-bin/'
                manufacturer: ASF
                why: mod_perl module and Perl designed for use with SSL library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
  - href: 'http://poi.apache.org/'
    name: Apache POI Project
    contact: Nick Burch
    product:
      - name: Apache POI
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/poi/'
                manufacturer: ASF
                why: Designed for use with Java Cryptography Extension (JCE)
          - version: 3.5 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/poi/'
                manufacturer: ASF
                why: Designed for use with Java Cryptography Extension (JCE)
  - href: 'http://polygene.apache.org/'
    name: Apache Polygene Project
    contact: Niclas Hedhman
    product:
      - name: Apache Polygene
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf?p=polygene-java.git;a=tree;hb=develop
                manufacturer: ASF
                why: Designed for use with Java Cryptography Extensions (JCE)
              - href: www.bouncycastle.org/download/bcprov-jdk15on-156.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
          - version: '2.1'
            eccn: 5D002
            source:
              - href: >-
                  https://git-wip-us.apache.org/repos/asf?p=polygene-java.git;a=tree;hb=a789141d5af7f9137dddb9bfc0f0e0af47ebec2d
                manufacturer: ASF
                why: Designed for use with Java Cryptography Extensions (JCE)
              - href: www.bouncycastle.org/download/bcprov-jdk15on-152.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
  - href: 'http://shiro.apache.org/'
    name: Apache Shiro Project
    contact: Les Hazlewood
    product:
      - name: Apache Shiro
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/shiro/'
                manufacturer: ASF
                why: Designed for use with Java Cryptography Extensions (JCE)
          - version: 1.1 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/shiro/'
                manufacturer: ASF
                why: Designed for use with Java Cryptography Extensions (JCE)
          - version: '1.0'
            eccn: 5D002
            source:
              - href: 'http://www.apache.org/dist/incubator/shiro'
                manufacturer: ASF
                why: Designed for use with Java Cryptography Extensions (JCE)
          - version: All 0.x
            eccn: n/a
  - href: 'http://servicemix.apache.org/'
    name: Apache ServiceMix Project
    contact: Guillaume Nodet
    product:
      - name: Apache ServiceMix 3.x
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/servicemix/smx3/trunk'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: >-
                  ftp://ftp.bouncycastle.org/pub/release1.36/bcprov-jdk14-136.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library API for Java 1.4.x
          - version: All 3.x versions
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/servicemix/servicemix-3'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: 'http://archive.apache.org/dist/xml/security/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
              - href: >-
                  ftp://ftp.bouncycastle.org/pub/release1.36/bcprov-jdk14-136.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library API for Java 1.4.x
      - name: Apache ServiceMix 4.x
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/servicemix/smx4/features/trunk'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: 4.0-m1
            eccn: n/a
      - name: Apache ServiceMix NMR
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/servicemix/smx4/nmr/trunk'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: '1.0-m1, 1.0-m2'
            eccn: n/a
      - name: Apache ServiceMix Kernel
        versions:
          - version: development
            eccn: n/a
          - version: All 1.0 milestones
            eccn: n/a
  - href: 'http://servicecomb.apache.org/'
    name: Apache ServiceComb Project
    contact: Willem Jiang
    product:
      - name: Apache ServiceComb Java-Chassis
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  https://gitbox.apache.org/repos/asf/servicecomb-java-chassis.git
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General-purpose cryptography library included with OpenSSL
          - version: 1.0.0-m1 and later
            eccn: 5D002
            source:
              - href: >-
                  https://gitbox.apache.org/repos/asf/servicecomb-java-chassis.git
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General-purpose cryptography library included with OpenSSL
      - name: Apache ServiceComb Service-Center
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  https://gitbox.apache.org/repos/asf/servicecomb-service-center.git
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: 'https://github.com/golang/go/tree/master/src/crypto'
                manufacturer: The golang Project
                why: General-purpose cryptography with Go Language
          - version: 1.0.0-m1 and later
            eccn: 5D002
            source:
              - href: >-
                  https://gitbox.apache.org/repos/asf/servicecomb-service-center.git
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: 'https://github.com/golang/go/tree/master/src/crypto'
                manufacturer: The golang Project
                why: General-purpose cryptography with Go Language
      - name: Apache ServiceComb Pack
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf/servicecomb-pack.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General-purpose cryptography library included with OpenSSL
          - version: 0.2.0 and later
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf/servicecomb-pack.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General-purpose cryptography library included with OpenSSL
  - href: 'http://rocketmq.apache.org/'
    name: Apache RocketMQ Project
    contact: Heng Du
    product:
      - name: Apache RocketMQ
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf?p=rocketmq.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General-purpose cryptography library included with OpenSSL
          - version: rocketmq-4.0.0-incubating and later
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf?p=rocketmq.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: General-purpose cryptography library included with OpenSSL
      - name: Apache RocketMQ ONS
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf?p=rocketmq-ons.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
          - version: 1.8.0 and later
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf?p=rocketmq-ons.git'
                manufacturer: ASF
                why: Designed for use with built in Java encryption libraries
              - href: >-
                  http://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: General-purpose cryptography library (JCE) included with Java
  - href: 'http://apr.apache.org/'
    name: Apache Portable Runtime Project
    contact: Garrett Rooney
    product:
      - name: APR
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/apr/apr/'
                manufacturer: ASF
                why: designed for use with encryption library
      - name: APR-Util
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/apr/apr-util/'
                manufacturer: ASF
                why: designed for use with encryption library
          - version: '0.9.x, 1.2.x'
            eccn: n/a
          - version: 1.4.x and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/apr/apr-util/'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://santuario.apache.org/'
    name: Apache Santuario Project
    contact: Colm O hEigeartaigh
    product:
      - name: Apache XML Security for Java
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/
                manufacturer: ASF
                why: Implements XML Signature and Encryption specs
          - version: 1.5.x
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/
                manufacturer: ASF
                why: Implements XML Signature and Encryption specs
      - name: Apache XML Security for C++
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/'
                manufacturer: ASF
                why: Implements XML Signature and Encryption specs
  - href: 'http://spamassassin.apache.org/'
    name: Apache SpamAssassin Project
    contact: Justin Mason
    product:
      - name: Apache SpamAssassin
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/spamassassin'
                manufacturer: ASF
                why: designed for use with SSL library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
              - href: 'http://search.cpan.org/dist/IO-Socket-SSL/'
                manufacturer: Steffen Ullrich
                why: Publicly available SSL encryption library
          - version: 3.0.x and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/spamassassin/'
                manufacturer: ASF
                why: designed for use with SSL library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
              - href: 'http://search.cpan.org/dist/IO-Socket-SSL/'
                manufacturer: Steffen Ullrich
                why: Publicly available SSL encryption library
  - href: 'https://spark.apache.org/'
    name: Apache Spark Project
    contact: Matei Zaharia
    product:
      - name: Apache Spark
        versions:
          - version: 2.2.0 through 2.3.x
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/commons-crypto.git'
                manufacturer: ASF
                why: Authentication and encryption/decryption of network traffic
              - href: 'http://bouncycastle.org/download/bcprov-jdk15on-158.jar'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java
          - version: 2.4.0 and later
            eccn: 5D002
            source:
              - href: 'https://git-wip-us.apache.org/repos/asf/commons-crypto.git'
                manufacturer: ASF
                why: Authentication and encryption/decryption of network traffic
  - href: 'http://tomcat.apache.org/'
    name: Apache Tomcat Project
    contact: Mladen Turk
    product:
      - name: Apache Tomcat
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/tomcat/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
          - version: 3.x and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/tomcat/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
      - name: Apache Tomcat native connector
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/tomcat/connectors/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
          - version: 1.x and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/tomcat/connectors/'
                manufacturer: ASF
                why: Designed for use with Java Secure Socket Extension (JSSE)
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
  - href: 'http://uima.apache.org/'
    name: Apache UIMA Project
    contact: Marshall Schor
    product:
      - name: Apache UIMA-AS
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/repos/asf/incubator/uima/sandbox/trunk/uima-as
                manufacturer: ASF
                why: >-
                  Designed for use with Apache ActiveMQ, and UIMA-AS includes
                  Apache ActiveMQ in its distribution
          - version: all releases starting with 2.2.2-incubating
            eccn: 5D002
            source:
              - href: 'http://people.apache.org/dist/incubator/uima/source/uima-as/'
                manufacturer: ASF
                why: >-
                  Designed for use with Apache ActiveMQ, and UIMA-AS includes
                  Apache ActiveMQ in its distribution
      - name: Apache UIMA Addons
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/uima/addons/trunk'
                manufacturer: ASF
                why: >-
                  Designed for use with, and includes, Apache Tika, which is in
                  turn classifed 5D002
          - version: 2.3.0 and later
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/uima/addons/trunk'
                manufacturer: ASF
                why: >-
                  Designed for use with, and includes, Apache Tika, which is in
                  turn classifed 5D002
      - name: Apache UIMA Addon Tika Annotator
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/repos/asf/uima/addons/trunk/TikaAnnotator
                manufacturer: ASF
                why: >-
                  Designed for use with, and includes, Apache Tika, which is in
                  turn classifed 5D002
          - version: 2.3.0 and later
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/repos/asf/uima/addons/trunk/TikaAnnotator
                manufacturer: ASF
                why: >-
                  Designed for use with, and includes, Apache Tika, which is in
                  turn classifed 5D002
      - name: Apache UIMA-DUCC
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/uima/sandbox/uima-ducc'
                manufacturer: ASF
                why: >-
                  Designed for use with Apache ActiveMQ, and UIMA-DUCC includes
                  Apache ActiveMQ in its distribution
          - version: all releases starting with 1.0
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/uima/ducc'
                manufacturer: ASF
                why: >-
                  Designed for use with Apache ActiveMQ, and UIMA-DUCC includes
                  Apache ActiveMQ in its distribution
  - href: 'http://vcl.apache.org/'
    name: Apache VCL Project
    contact: Andy Kurth
    product:
      - name: Apache VCL
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/vcl/trunk/'
                manufacturer: ASF
                why: Designed for use with encryption library
          - version: 2.1 to 2.2.2
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/vcl/'
                manufacturer: ASF
                why: Designed for use with encryption library
          - version: 2.3 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/vcl/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'https://github.com/phpseclib/phpseclib'
                manufacturer: phpseclib
                why: Publicly available encryption library
  - href: 'http://ws.apache.org/'
    name: Apache Web Services Project
    contact: Ruchith Fernando
    product:
      - name: Apache WSS4J
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/webservices/wss4j/trunk/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: www.bouncycastle.org/download/bcprov-jdk15on-151.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java
              - href: 'http://www.apache.org/dist/santuario/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
          - version: '1.6'
            eccn: 5D002
            source:
              - href: >-
                  http://svn.apache.org/repos/asf/webservices/wss4j/branches/1_6_x-fixes/
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: www.bouncycastle.org/download/bcprov-jdk15on-151.tar.gz
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java
              - href: 'http://www.apache.org/dist/santuario/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
          - version: 1.0 to 1.5
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/ws/wss4j/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk13-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.3
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://archive.apache.org/dist/santuario/java-library/'
                manufacturer: ASF
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
      - name: Apache Rampart/Java
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/webservices/rampart/trunk/java'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk13-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.3
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://xml.apache.org/security/dist/java-library/'
                manufacturer: Apache Santuario
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
          - version: 1.1 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/ws/rampart/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk13-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.3
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://xml.apache.org/security/dist/java-library/'
                manufacturer: Apache Santuario
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
      - name: Apache Rampart/C
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/webservices/rampart/trunk/c/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
          - version: 0.09 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/ws/rampart/c/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: Publicly available SSL encryption library
      - name: Apache Synapse
        versions:
          - version: '1.0, 1.1, 1.1.1, 1.2, 2.0.0'
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/synapse/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk13-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.3
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://www.bouncycastle.org/download/bcprov-ext-jdk15-140.jar'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk14-140.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://xml.apache.org/security/dist/java-library/'
                manufacturer: Apache Santuario
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
  - href: 'http://synapse.apache.org/'
    name: Apache Synapse Project
    contact: Paul Fremantle
    product:
      - name: Apache Synapse
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/synapse'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk13-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.3
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://www.bouncycastle.org/download/bcprov-ext-jdk15-140.jar'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk14-140.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://xml.apache.org/security/dist/java-library/'
                manufacturer: Apache Santuario
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
          - version: 1.1.1 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/synapse/'
                manufacturer: ASF
                why: Designed for use with encryption library
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk13-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.3
              - href: 'http://www.bouncycastle.org/download/bcmail-jdk15-132.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
              - href: 'http://xml.apache.org/security/dist/java-library/'
                manufacturer: Apache Santuario
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
  - href: 'http://wicket.apache.org/'
    contact: Janne Hietamaki
    name: Apache Wicket Project
    product:
      - name: Apache Wicket
        versions:
          - version: '1.3, development'
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/wicket/'
                manufacturer: ASF
                why: designed for use with encryption library
  - href: 'http://mina.apache.org/'
    name: Apache MINA Project
    contact: Julien Vermillard
    product:
      - name: Apache MINA
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/mina/trunk'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
          - version: '1.0, 1.1, 2.0'
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/mina/'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
      - name: Apache Vysper
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/mina/sandbox/vysper'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk15-140.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
      - name: Apache FtpServer
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/mina/ftpserver'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
          - version: '1.0'
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/mina/ftpserver/'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
      - name: Apache SSHD
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/mina/sshd'
                manufacturer: ASF
                why: >-
                  designed for use with the Java Cryptography Extension (JCE)
                  API
              - href: 'http://www.bouncycastle.org/download/bcprov-jdk15-140.tar.gz'
                manufacturer: Bouncy Castle
                why: General-purpose encryption library for Java 1.5
  - href: 'http://wookie.apache.org/'
    name: Apache Wookie Project
    contact: Scott Wilson
    product:
      - name: Apache Wookie
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'http://svn.apache.org/repos/asf/wookie/'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: 'http://archive.apache.org/dist/santuario/java-library/'
                manufacturer: Apache Santuario
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
          - version: 0.13 and later
            eccn: 5D002
            source:
              - href: 'http://archive.apache.org/dist/wookie/'
                manufacturer: ASF
                why: designed for use with encryption library
              - href: 'http://archive.apache.org/dist/santuario/java-library/'
                manufacturer: Apache Santuario
                why: >-
                  General-purpose XML encryption and digital signature
                  implementation
  - href: 'http://ignite.apache.org/'
    name: Apache Ignite Project
    contact: Denis Magda
    product:
      - name: Apache Ignite
        versions:
          - version: development
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf/ignite.git'
                manufacturer: ASF
                why: >-
                  Designed to use with built-in Java Cryptography Architecture
                  (JCA)
              - href: >-
                  https://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: Designed to use with built-in Java encryption libraries (JCE)
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: >-
                  Designed to use General Purpose cryptography library included
                  with OpenSSL
              - href: 'https://dotnet.microsoft.com/download'
                manufacturer: Microsoft
                why: Designed to use .NET Framework Cryptography Model
              - href: 'https://dotnet.microsoft.com/download'
                manufacturer: .NET Foundation
                why: 'Designed to use .NET Core, and build in Cryptography'
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: Provides encryption SSH library
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)
          - version: 2.5.0 - latest
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf/ignite.git'
                manufacturer: ASF
                why: >-
                  Designed to use with built-in Java Cryptography Architecture
                  (JCA)
              - href: >-
                  https://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: Designed to use with built-in Java encryption libraries (JCE)
              - href: 'http://www.openssl.org/source/'
                manufacturer: The OpenSSL Project
                why: >-
                  Designed to use General Purpose cryptography library included
                  with OpenSSL
              - href: 'https://dotnet.microsoft.com/download'
                manufacturer: Microsoft
                why: Designed to use .NET Framework Cryptography Model
              - href: 'https://dotnet.microsoft.com/download'
                manufacturer: .NET Foundation
                why: 'Designed to use .NET Core, and build in Cryptography'
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: Provides encryption SSH library
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)
          - version: 2.4.0
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf/ignite.git'
                manufacturer: ASF
                why: >-
                  Designed to use with built-in Java Cryptography Architecture
                  (JCA)
              - href: >-
                  https://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: Designed to use with built-in Java encryption libraries (JCE)
              - href: 'https://dotnet.microsoft.com/download'
                manufacturer: Microsoft
                why: Designed to use .NET Framework Cryptography Model
              - href: 'https://dotnet.microsoft.com/download'
                manufacturer: .NET Foundation
                why: 'Designed to use .NET Core, and build in Cryptography'
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: Provides encryption SSH library
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)
          - version: 1.0.0 - 2.3.0
            eccn: 5D002
            source:
              - href: 'https://gitbox.apache.org/repos/asf/ignite.git'
                manufacturer: ASF
                why: >-
                  Designed to use with built-in Java Cryptography Architecture
                  (JCA)
              - href: >-
                  https://www.oracle.com/technetwork/java/javase/downloads/index.html
                manufacturer: Oracle
                why: Designed to use with built-in Java encryption libraries (JCE)
              - href: 'http://www.jcraft.com/jsch/'
                manufacturer: 'JCraft, Inc.'
                why: Provides encryption SSH library
              - href: 'http://eclipse.org/jetty'
                manufacturer: The Eclipse Foundation
                why: HTTPS support in Jetty (uses SSL)