Peter Lemenkov | 1 Jun 15:42 2009
Picon

Regarding status of SRP (Secure remote password) support

Hello All!
Fedora ships gnutls (and, probably, other applications) w/o SRP
support, which was disabled years ago (in the era of Jeff Jonston).
See technical description here:

http://en.wikipedia.org/wiki/Secure_remote_password_protocol

Being curious lad, I quickly googled about its patents issues and
found numerous discussion in the past. For example:

http://www.pdl.cmu.edu/mailinglists/ips/mail/msg09292.html
http://www.pdl.cmu.edu/mailinglists/ips/mail/msg08027.html

>From these discussions, I found that patent holder provides a
royalty-free license:

http://otl.stanford.edu/pdf/97006.pdf

I cannot find any other patent-related info at the dedicated site
(created by patent holder):

http://srp.stanford.edu/

Maybe it's time to re-add support for SRP back in Fedora?

--

-- 
With best regards!
Rahul Sundaram | 5 Jun 02:04 2009

Songbird and EULA

Hi

Potential issue with Songbird and EULA is brewing at

https://bugzilla.redhat.com/show_bug.cgi?id=453422#c64

Appreciate some comments from legal on this.

Rahul
Tom "spot" Callaway | 5 Jun 16:33 2009
Picon

Re: Songbird and EULA

On 06/04/2009 08:04 PM, Rahul Sundaram wrote:
> Hi
> 
> Potential issue with Songbird and EULA is brewing at
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=453422#c64
> 
> Appreciate some comments from legal on this.

Blocked against FE-Legal, with a lengthy explanation of why EULAs in
free software are epic fail.

~spot
Frank Murphy (Frankly3d | 6 Jun 10:34 2009
Picon

BlueJ: Help with Licence Check?

http://www.bluej.org/about/license.html

Before I do anything package wise,
would  this licence be compliant with Fedora Guidelines
(Third Party\Exceptions)

Frank

--

-- 
msn: frankly3d  skype: frankly3d
Mailing-List Reply to: Mailing-List
Still Learning, Unicode where possible
Tom "spot" Callaway | 6 Jun 15:49 2009
Picon

Re: BlueJ: Help with Licence Check?

On 06/06/2009 04:34 AM, Frank Murphy (Frankly3d) wrote:
> http://www.bluej.org/about/license.html
> 
> Before I do anything package wise,
> would  this licence be compliant with Fedora Guidelines
> (Third Party\Exceptions)

Yes. The main license is GPLv2 with the classpath exception, and the
third party libraries it links to are all free (several of them are GPL
incompatible, but the classpath exception works around that).

Just be sure you don't bundle in copies of the third party bits when you
make the bluej package.

~spot
Richard W.M. Jones | 9 Jun 11:41 2009
Picon

FYI - chntpw package

Just for your information:

https://bugzilla.redhat.com/show_bug.cgi?id=504595

I'm going to add the patch from Debian to resolve this issue.

Rich.

--

-- 
Richard Jones, Emerging Technologies, Red Hat  http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v
Todd Zullinger | 9 Jun 14:31 2009
Picon

Re: FYI - chntpw package

Richard W.M. Jones wrote:
> Just for your information:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=504595
>
> I'm going to add the patch from Debian to resolve this issue.

Haven't we considered OpenSSL as a core part of the OS and not worried
about linking to it without any special exceptions by the GPL'd code?

If not, there are a good many more program that will need patched.

--

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sanity is the trademark of a weak mind.
    -- Mark Harrold

_______________________________________________
Fedora-legal-list mailing list
Fedora-legal-list@...
https://www.redhat.com/mailman/listinfo/fedora-legal-list
Tom "spot" Callaway | 9 Jun 14:50 2009
Picon

Re: FYI - chntpw package

On 06/09/2009 08:31 AM, Todd Zullinger wrote:
> Haven't we considered OpenSSL as a core part of the OS and not worried
> about linking to it without any special exceptions by the GPL'd code?
> 
> If not, there are a good many more program that will need patched.

Yes, this is accurate. That said, if the maintainer wants to apply a
patch, I won't tell them they can't do it.

~spot
Richard W.M. Jones | 9 Jun 15:03 2009
Picon

Re: FYI - chntpw package

On Tue, Jun 09, 2009 at 08:50:49AM -0400, Tom spot Callaway wrote:
> On 06/09/2009 08:31 AM, Todd Zullinger wrote:
> > Haven't we considered OpenSSL as a core part of the OS and not worried
> > about linking to it without any special exceptions by the GPL'd code?
> > 
> > If not, there are a good many more program that will need patched.
> 
> Yes, this is accurate. That said, if the maintainer wants to apply a
> patch, I won't tell them they can't do it.

Well, I've applied Debian's patch now anyway ...

Rich.

--

-- 
Richard Jones, Emerging Technologies, Red Hat  http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v
Todd Zullinger | 9 Jun 15:11 2009
Picon

Re: FYI - chntpw package

Richard W.M. Jones wrote:
> Well, I've applied Debian's patch now anyway ...

So if the legal winds should shift, you'll be covered. :)

Just out of curiousity, do you know if anyone asked chntpw upstream if
they'd add a OpenSSL exception to the license?  I know GnuPG (at least
the 1.4 branch) did so a while back.

--

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
What we seek is not the overthrow of the government, but a situation
in which it gets lost in the shuffle.
    -- Duncan Frissell

_______________________________________________
Fedora-legal-list mailing list
Fedora-legal-list@...
https://www.redhat.com/mailman/listinfo/fedora-legal-list

Gmane