From owner-cvs-all Fri Jul 14 14:59: 1 2000 Delivered-To: cvs-all@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 74F5837BA1E; Fri, 14 Jul 2000 14:58:47 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id RAA99752; Fri, 14 Jul 2000 17:58:36 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Fri, 14 Jul 2000 17:58:36 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Garrett Wollman Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libutil realhostname.c In-Reply-To: <200007142120.RAA88541@khavrinen.lcs.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 14 Jul 2000, Garrett Wollman wrote: > < said: > > > The only licensing problem I know about is the dependence on RSA, which > > goes away soon. Is there another licensing problem I don't know > > about? > > The license for the actual implementation was, last time someone > looked into this, fairly nasty (read: unacceptable to the Project). > It's possible that recent values of BIND have fixed this. On the > other hand, I've heard complaints that the ISC has started applying an > unacceptable license to their recent releases of other software, in > which case we may be screwed totally. The license I found on the BIND9 release candidate was: Copyright (C) 1996-2000 Internet Software Consortium. Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. In addition, elements of BIND's DNSSEC support rely on the TIS digital signature toolkit (dst), which falls under the following license: * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc. * * Permission to use, copy modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND TRUSTED INFORMATION SYSTEMS * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL * TRUSTED INFORMATION SYSTEMS BE LIABLE FOR ANY SPECIAL, DIRECT, * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION * WITH THE USE OR PERFORMANCE OF THE SOFTWARE. Later on, some of the copyrighting changed to NAI, after NAI acquired TIS: * Portions Copyright (C) 1999, 2000 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. But the license terms remained the same. I don't see any problem with that license. The only real issues I was aware of were: 1) RSA patent -- this goes away in September, and not only that but I believe a license was negotiated to allow free use of the RSA algorithm for the purposes of supporting DNSsec. The normal RSA license for dnssafe is: /* Copyright (C) RSA Data Security, Inc. created 1993, 1996. This is an unpublished work protected as such under copyright law. This work contains proprietary, confidential, and trade secret information of RSA Data Security, Inc. Use, disclosure or reproduction without the express written authorization of RSA Data Security, Inc. is prohibited. However, the negotiated license for BIND permits redistribution as part of BIND. I.e., there was express written authorization. With Openssl as an option here (BIND9), and supported in the build, I believe this is ok, as dnssafe would not be used. And once September passes, the patent risk goes away. 2) Export issues -- an export license was negotiated to allow RSA to be exported when used for DNSsec. And this issue is also going away. And those both relate to RSA, whereas DSA is also supported for DNSsec since it only does authenticity, not privacy. I've e-mailed the DNSEXT working group chair, a developer on the BIND9 DNSsec code, for some clarification, and will get back to you ASAP. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message