Hi,
I wanted to package UROnode, it seemed to be GPLv2+ licensed amateur radio software (mirror [1]), but I came across the following weird text in the package (in addition to the GPLv2 text):
URONode is free to use around the globe with the exception of: anywhere in or by the Commonwealth of Massachusetts anywhere in or by the Commonwealth of Pennsylvania
Because of their tactics, any of my software is not to be used in these two states. Your cooperation is appreciated..
- N1URO
can be such package included in Fedora?
thanks & regards
Jaroslav
On Tue, Jul 15, 2014 at 11:56:26AM -0400, Jaroslav Skarvada wrote:
Hi,
I wanted to package UROnode, it seemed to be GPLv2+ licensed amateur radio software (mirror [1]), but I came across the following weird text in the package (in addition to the GPLv2 text):
URONode is free to use around the globe with the exception of: anywhere in or by the Commonwealth of Massachusetts anywhere in or by the Commonwealth of Pennsylvania
Because of their tactics, any of my software is not to be used in these two states. Your cooperation is appreciated..
- N1URO
can be such package included in Fedora?
No.
- RF
----- Original Message -----
On Tue, Jul 15, 2014 at 11:56:26AM -0400, Jaroslav Skarvada wrote:
Hi,
I wanted to package UROnode, it seemed to be GPLv2+ licensed amateur radio software (mirror [1]), but I came across the following weird text in the package (in addition to the GPLv2 text):
URONode is free to use around the globe with the exception of: anywhere in or by the Commonwealth of Massachusetts anywhere in or by the Commonwealth of Pennsylvania
Because of their tactics, any of my software is not to be used in these two states. Your cooperation is appreciated..
- N1URO
can be such package included in Fedora?
No.
- RF
Thanks for the info. I resolved this with upstream, they seem to have no problem with re-licensing to GPLv2+.
Another question regarding this package, there is included MD2 implementation by RSA with the following text:
* MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm */
/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All rights reserved.
License to copy and use this software is granted for non-commercial Internet Privacy-Enhanced Mail provided that it is identified as the "RSA Data Security, Inc. MD2 Message Digest Algorithm" in all material mentioning or referencing this software or this function.
RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this documentation and/or software. */
Is it Fedora Compatible? Does [1] apply to it?
thanks & regards
Jaroslav
https://fedoraproject.org/wiki/Licensing:FAQ?rd=Licensing/FAQ#What_about_the...
On Wed, Jul 16, 2014 at 04:52:50AM -0400, Jaroslav Skarvada wrote:
Another question regarding this package, there is included MD2 implementation by RSA with the following text:
- MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm
*/
/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All rights reserved.
License to copy and use this software is granted for non-commercial Internet Privacy-Enhanced Mail provided that it is identified as the "RSA Data Security, Inc. MD2 Message Digest Algorithm" in all material mentioning or referencing this software or this function.
RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this documentation and/or software. */
Is it Fedora Compatible?
No. But:
Does [1] apply to it?
[...]
https://fedoraproject.org/wiki/Licensing:FAQ?rd=Licensing/FAQ#What_about_the...
Please wait for spot's response on this.
- RF
----- Original Message -----
On Wed, Jul 16, 2014 at 04:52:50AM -0400, Jaroslav Skarvada wrote:
Another question regarding this package, there is included MD2 implementation by RSA with the following text:
- MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm
*/
/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All rights reserved.
License to copy and use this software is granted for non-commercial Internet Privacy-Enhanced Mail provided that it is identified as the "RSA Data Security, Inc. MD2 Message Digest Algorithm" in all material mentioning or referencing this software or this function.
RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this documentation and/or software. */
Is it Fedora Compatible?
No. But:
Does [1] apply to it?
[...]
https://fedoraproject.org/wiki/Licensing:FAQ?rd=Licensing/FAQ#What_about_the...
Please wait for spot's response on this.
- RF
Hi guys,
any news about it? It's blocking:
https://bugzilla.redhat.com/show_bug.cgi?id=1120771 https://bugzilla.redhat.com/show_bug.cgi?id=1121115
thanks & regards
Jaroslav
On 07/16/2014 10:52 AM, Jaroslav Skarvada wrote:
- MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm */
Is it Fedora Compatible? Does [1] apply to it?
Fedora software should not use the MD2 hashing algorithm for security reasons. It's also *extremely* slow, making it a poor choice for any applications, basically. Why does UROnode need it?
----- Original Message -----
On 07/16/2014 10:52 AM, Jaroslav Skarvada wrote:
- MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm */
Is it Fedora Compatible? Does [1] apply to it?
Fedora software should not use the MD2 hashing algorithm for security reasons. It's also *extremely* slow, making it a poor choice for any applications, basically. Why does UROnode need it?
It is application for amateur radio, so both security/speed is not an issue here; users, licensed hams, are aware of it.
I will probably propose patch adding support for SHA-1 or anything else, maybe HOTP/TOTP based sysop auth, but upstream will probably not drop the MD2 support due to backward compatibility
regards
Jaroslav
----- Original Message -----
----- Original Message -----
On 07/16/2014 10:52 AM, Jaroslav Skarvada wrote:
- MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm */
Is it Fedora Compatible? Does [1] apply to it?
Fedora software should not use the MD2 hashing algorithm for security reasons. It's also *extremely* slow, making it a poor choice for any applications, basically. Why does UROnode need it?
It is application for amateur radio, so both security/speed is not an issue here; users, licensed hams, are aware of it.
I will probably propose patch adding support for SHA-1 or anything else, maybe HOTP/TOTP based sysop auth, but upstream will probably not drop the MD2 support due to backward compatibility
regards
Jaroslav
Resolved by upstream, MD2 dropped, thanks all and sorry for noise,
regards
Jaroslav