topic Re: ITAR - ABAP Secure Programming in Application Development and Automation Discussions https://community.sap.com/t5/application-development-and-automation-discussions/itar-abap-secure-programming/m-p/3112528#M738988 <HTML><HEAD></HEAD><BODY><P>Hi Prashant</P><P>ITAR deals with export regulations concerning also cryptographic products.</P><P></P><P>In general there is (by default) no crypto contained in SAP R/3 4.7 that falls under ITAR. However, if you start to modify or add ABAP code and include any crypto functionality, you are responsible to adhere to ITAR yourself.</P><P></P><P>Usually the SAP secure programming guide dictates to SAP programmers to include any cryptographic functionality (when needed) as a "pluggable function". This means that the code must be able to run without crypto, even if it is then not safe.</P><P></P><P>I hope that this helps.</P><P></P><P>Best regards, Kristian</P></BODY></HTML> Wed, 12 Dec 2007 08:03:17 GMT kristian_lehment 2007-12-12T08:03:17Z ITAR - ABAP Secure Programming https://community.sap.com/t5/application-development-and-automation-discussions/itar-abap-secure-programming/m-p/3112527#M738987 <HTML><HEAD></HEAD><BODY><P>Hi Experts,</P><P> </P><P>I would like to know whether there is any information available on ABAP Secure programming to adhere to ITAR in SAP R/3 4.7.</P><P></P><P></P><P>Would appreciate if you give any pointers.</P><P></P><P></P><P>Thanks,</P><P>Best regards,</P><P>Prashant</P></BODY></HTML> Thu, 29 Nov 2007 12:23:06 GMT https://community.sap.com/t5/application-development-and-automation-discussions/itar-abap-secure-programming/m-p/3112527#M738987 Former Member 2007-11-29T12:23:06Z Re: ITAR - ABAP Secure Programming https://community.sap.com/t5/application-development-and-automation-discussions/itar-abap-secure-programming/m-p/3112528#M738988 <HTML><HEAD></HEAD><BODY><P>Hi Prashant</P><P>ITAR deals with export regulations concerning also cryptographic products.</P><P></P><P>In general there is (by default) no crypto contained in SAP R/3 4.7 that falls under ITAR. However, if you start to modify or add ABAP code and include any crypto functionality, you are responsible to adhere to ITAR yourself.</P><P></P><P>Usually the SAP secure programming guide dictates to SAP programmers to include any cryptographic functionality (when needed) as a "pluggable function". This means that the code must be able to run without crypto, even if it is then not safe.</P><P></P><P>I hope that this helps.</P><P></P><P>Best regards, Kristian</P></BODY></HTML> Wed, 12 Dec 2007 08:03:17 GMT https://community.sap.com/t5/application-development-and-automation-discussions/itar-abap-secure-programming/m-p/3112528#M738988 kristian_lehment 2007-12-12T08:03:17Z