On Sun, Aug 28, 2016 at 2:56 AM, Christopher ctubbsii@fedoraproject.org wrote:
On Sat, Aug 27, 2016 at 6:16 PM Igor Gnatenko ignatenko@redhat.com wrote:
Hi,
I have some questions about OCB[0] and it's usage in Fedora.
I wanted to package pycryptodome[1] and found that they implement OCB in their code. From my POV (completely without any legal knowledge) it seems that it's not completely free[2] as it's not allowed for military use. It seems to be allowed without any restrictions only for OpenSSL.
What do you think? Looks like now we have mosh[3] packaged and it includes OCB (so if it's not acceptable, it most probably should be removed).
[0] http://web.cs.ucdavis.edu/~rogaway/ocb/ [1] https://pycryptodome.readthedocs.io/en/latest/ [2] http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm [3] https://mosh.org -- -Igor Gnatenko
I'm not a lawyer, but it seems to me that OCB is available to be implemented under 4 different license options:
- Any open source software licensed under an approved license by OSI or
public domain. 2. General license for non-military use. 3. OpenSSL-specific use. 4. Special license from the patent owner.
Only option 2 has the non-military restriction, and anything in Fedora would almost certainly fall under 1 or 3. So, I can't imagine there'd be a problem using the OCB patent in Fedora software. I'm actually not even sure why option 3 even exists, since it seems to be a subset of option 1. Regardless, it doesn't look like the non-military restriction of option 2 would apply if option 1 is used.
Unfortunately I don't know how licenses applies, so if program is licensed under OSI-approved license then 2nd license doesn't apply anymore?
-- devel mailing list devel@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org