Hello, I'm a founder of HashiCorp and I'd like to explain this.
First, this document only applies to enterprise evaluation software. This doesn't apply to our OSS software and this shouldn't be linked anywhere near our OSS except in the context of signing up for an enterprise eval.
Most importantly: why is this here? This is NOT a political statement. This is a legal requirement. The encryption we use in Vault is subject to Chinese export control laws and it is illegal for us (by Chinese law) to sell in China.
To be able to sell Vault within China we'd have to restrict the encryption that could be used within Vault to government-acceptable versions.
We don't do this, therefore it is illegal for us to sell in China. We have to include this line in our enterprise terms.
EDIT: Our legal team has updated the copy in our terms to be more explicit. You can read the updated copy in the second paragraph here: https://www.hashicorp.com/terms-of-evaluation
It's interesting to me that it's Chinese export control laws that affect you. Normally when you hear about this kind of thing, it's the US export restrictions causing the issue. Does that not apply in this case? And wouldn't you be importing into China? (IANAL, genuinely asking)
Exactly, which is why OP's clarification is welcomed. I too made the same assumption as you did, or rather thought it was some political statement based on our current geopolitical climate.
But no, it's the Chinese looking to force a US company to use their pre-approved encryption for reasons that should be obvious.
Good question. It's not like IP protection is practical in China--this software WILL be used in China against license. It's also basically impossible to hold Chinese companies (often entangled with the communist government of China) accountable for things like fraud or IP theft.
Readit News
First, this document only applies to enterprise evaluation software. This doesn't apply to our OSS software and this shouldn't be linked anywhere near our OSS except in the context of signing up for an enterprise eval.
Most importantly: why is this here? This is NOT a political statement. This is a legal requirement. The encryption we use in Vault is subject to Chinese export control laws and it is illegal for us (by Chinese law) to sell in China.
To be able to sell Vault within China we'd have to restrict the encryption that could be used within Vault to government-acceptable versions.
We don't do this, therefore it is illegal for us to sell in China. We have to include this line in our enterprise terms.
EDIT: Our legal team has updated the copy in our terms to be more explicit. You can read the updated copy in the second paragraph here: https://www.hashicorp.com/terms-of-evaluation
But no, it's the Chinese looking to force a US company to use their pre-approved encryption for reasons that should be obvious.
Bravo.
https://twitter.com/mitchellh/status/1266390186054651905
Hashi to my ears sounds distinctively Japanese (I understand it either means "bridge" or "chopsticks").
Maybe it's just a political statement.
https://news.ycombinator.com/item?id=23351181
Deleted Comment