problematic pkcs11 license
Florian Weimer
fweimer at redhat.com
Wed Apr 28 10:16:08 UTC 2021
* Matthias Klose:
> A Debian issue points out a problematic license for some imported header files,
> see https://bugs.debian.org/985765, and also https://bugs.debian.org/952951
> pointing out the issue with the OASIS license.
>
> The header files currently have
>
> /* Copyright (c) OASIS Open 2016-2019. All Rights Reserved.
> * Distributed under the terms of the OASIS IPR Policy,
> * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
> * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS
> FOR A
> * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
> */
>
> The proposed alternative headers from NSS (which is already used as a build
> dependency for OpenJDK), have:
>
> /* This Source Code Form is subject to the terms of the Mozilla Public
> * License, v. 2.0. If a copy of the MPL was not distributed with this
> * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
> /*
> * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
> * is granted provided that it is identified as "RSA Security In.c Public-Key
> * Cryptography Standards (PKCS)" in all material mentioning or referencing
> * this document.
> *
> * The latest version of this header can be found at:
> * http://www.rsalabs.com/pkcs/pkcs-11/index.html
> */
>
> Is this something which could be addressed upstream? Which group to
> contact?
For some additional context on the OASIS license, there is also a
discussion here:
<https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/thread/2QXHMTZ47DMMARJVI6PUMSYUPVFAGLCV/>
Thanks,
Florian
More information about the jdk-dev
mailing list