ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] DRAFT minutes for OpenPGP at IETF 94

2015-11-05 08:26:11
from [Simon Josefsson] [Permanent Link] 
"brian m. carlson" <sandals(_at_)crustytoothpaste(_dot_)net> writes:


On Wed, Nov 04, 2015 at 02:27:54AM +0100, Aaron Zauner wrote:

brian m. carlson wrote:

A note on using patented algorithms: Some organizations, such as Debian,
require that parts of software be able to be extracted and otherwise
used under the terms of the license.  Even if the OCB patent is waived
for OpenPGP, that would not be sufficient to allow parts of an OpenPGP
implementation that use OCB to be used in non-OpenPGP software.  That
might prevent such OpenPGP implementations from entering the main Debian
archive.  Other organizations may have similar restrictions.

This is just something to consider when discussing the use of patented
algorithms.


So in this case is non open-source software relevant at all? I don't
think so. For open-source initiative licenses, public domain and CC
there's a patent exemption anyway (since 2013):
http://web.cs.ucdavis.edu/~rogaway/ocb/license1.pdf


I suspect this is probably sufficient for Debian's purposes, although I
of course can't speak on their behalf.


I'm not convinced that license is sufficient given how the term "Open
Source Software" is defined.

One right that a user has with, for example BSD or GPL licensed code, is
to modify the code and sell/distribute the result to a third party (and
in the case of GPL, provide source code) and not publish the code
elsewhere.  This is how many proprietary products use FOSS code, for
example Microsoft Windows or your random Android app.  The license only
gives right to the patent for software projects which are publicly
available through the wording "by anyone":

   “Open Source Software” means software whose source code is published
   and made available for inspection and use by anyone because ...

So, no, I don't think that license is sufficient, and that patent
licensing terms in general, unfortunately, hampers wider adoption
because evaluating whether they are permissible or not is too hard.

/Simon

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] [PATCH] RFC4880bis: Argon2i, Simon Josefsson
Next by Date:  Re: [openpgp] 2nd OpenPGP Summit on Dec 5/6 in Zurich, Derek Atkins
Previous by Thread:  Re: [openpgp] DRAFT minutes for OpenPGP at IETF 94, Aaron Zauner
Next by Thread:  Re: [openpgp] DRAFT minutes for OpenPGP at IETF 94, Aaron Zauner
Indexes:  [Date] [Thread] [Top] [All Lists]