Re: [gentoo-dev] Guidance on distributed patented software

public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed

From: Joshua Kinard <kumba@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Cc: licenses@gentoo.org
Subject: Re: [gentoo-dev] Guidance on distributed patented software
Date: Wed, 22 Sep 2021 08:54:40 -0400	[thread overview]
Message-ID: <d104f89d-a4bc-cbca-38db-750e6bb217a4@gentoo.org> (raw)
In-Reply-To: <robbat2-20210920T174440-071239786Z@orbis-terrarum.net>

On 9/20/2021 14:15, Robin H. Johnson wrote:
> On Mon, Sep 20, 2021 at 01:27:37PM -0400, Rich Freeman wrote:
>> On Mon, Sep 20, 2021 at 12:46 PM Alec Warner <antarus@gentoo.org> wrote:
>>>
>>> Could we add some text to the license concepts covering patents? It
>>> seems to have been omitted?
>>> Is my understanding of how we manage patented software correct?
>>
>> I think you have the gist of it.  Is there actually anything in the
>> repo these days which is patent-encumbered?  I realize this is a
>> little tangential, but I think this is probably why we don't have a
>> well-thought policy: it just doesn't come up much.
> Elliptic Curve cryptography is the most topical & impactful thing I'm
> aware of.
> 
> RedHat have for many years stripped parts of it out of their OpenSSL &
> libgcrypt packages, and continue to do it with OpenSSL-3 [1] (I note
> that somebody has dropped these patches from Gentoo's openssl as of v3
> and I intend to restore them).
> 
> RedHat's legal team clearly know something there that they aren't
> disclosing the details of publicly, because the patches said the patents
> expire in 2020, but when I asked off-list if EC could be re-enabled
> based on the expiry dates in the files, they claimed that patent issues
> were still present, without giving any detail.
> 
> Somebody else ALSO asked about the Brainpool EC curves specifically and
> similarly got nowhere [2].
> 
> [1] https://src.fedoraproject.org/rpms/openssl/c/347681c6b246d9b6a08c73bb40e5eefaf8596d71?branch=rawhide
> [2] https://www.spinics.net/linux/fedora/fedora-legal/msg03673.html
> 

[snip]

Is there any advice on how this impacts net-misc/dropbear?  That has ECC
(both ECDSA and Ed25519) support, and I use it for SGI/MIPS netboot images.
 The build doesn't have any bindist uses in it, and ECC support is a
localoptions.h compile-time option (enabled by default).  ECC is much faster
on old SGI hardware and generating the hostkeys at bootup takes just a
second or two, whereas RSA can take up to 10-15 seconds.  So I'd like to be
able to use ECC on these platforms and distribute netboot images using them.

-- 
Joshua Kinard
Gentoo/MIPS
kumba@gentoo.org
rsa6144/5C63F4E3F5C6C943 2015-04-27
177C 1972 1FB8 F254 BAD0 3E72 5C63 F4E3 F5C6 C943

"The past tempts us, the present confuses us, the future frightens us.  And
our lives slip away, moment by moment, lost in that vast, terrible in-between."

--Emperor Turhan, Centauri Republic

next prev parent reply	other threads:[~2021-09-22 12:54 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-20 16:46 [gentoo-dev] Guidance on distributed patented software Alec Warner
2021-09-20 17:27 ` Rich Freeman
2021-09-20 18:15   ` Robin H. Johnson
2021-09-20 18:41     ` Ulrich Mueller
2021-09-20 19:20       ` Robin H. Johnson
2021-09-22 12:54     ` Joshua Kinard [this message]
2021-09-22 16:37       ` Robin H. Johnson
2021-09-23  5:54         ` Joshua Kinard
2021-09-23 15:52           ` Peter Stuge
     [not found]           ` <CAAr7Pr9a6cRbHDxkUbKwxabW8skh1izA7C2GqTE1XF8mg-CV0g@mail.gmail.com>
2021-09-24  7:46             ` Joshua Kinard
     [not found]               ` <20210924095510.6ff13620@computer>
2021-09-25 19:44                 ` Joshua Kinard
2021-09-26 17:09                   ` Peter Stuge
2021-09-26 19:20                     ` Rich Freeman
2021-09-27 18:14                       ` Marek Szuba
2021-09-27 21:09                         ` Rich Freeman
2021-09-26 19:41                   ` Sam James
2021-09-21 15:25   ` Andreas K. Huettel
2021-09-20 18:30 ` [gentoo-dev] " Ulrich Mueller
2021-09-26  6:38   ` Alec Warner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d104f89d-a4bc-cbca-38db-750e6bb217a4@gentoo.org \
    --to=kumba@gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    --cc=licenses@gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox