| Summary: | gnupg licensing terms unclear, showing IDEA license | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Gareth Bult <Gareth> |
| Component: | New packages | Assignee: | Crypto team [DISABLED] <crypto+disabled> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | trivial | CC: | smithj, taviso |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Gareth Bult
2004-11-27 07:51:30 UTC
There is a patch that places an IDEA licenced bit of code into GNUPG that enables IDEA encryption. This is available when the idea use flag is used. gnupg-1.2.6 LICENSE="GPL-2 idea? ( IDEA )" This is represented as best be can. Suggestions are welcome. The gnupg website is correct. The idea patch is not a part of the standard GNUPG product. Mmm, Ok.. but I thought that the license type referred to the package? Someone would have to have a specific reason to want the idea patch, and then they'd need to specifically enable it .. ? Would it not be better to list "optional" licenses at build time, possibly with a user intervention "include non-free sw patch (y/n) ?" Fron a personal pov, I'd much perfer to see a second package specifically marked as non free than have idea as a patch to a free package .. (!) Is there any documentation re; standard and optional commercial packages ? My code sort of relies on being able to interpret this information with a view to making sure a resulting product is "free". The gnupg package in the portage tree that breaks my code ... >...but I thought that the license type referred to the package? Yes and if some extra bit of code is introduced then both licenses apply. >...Someone would have to have a specific reason to want the idea patch, and then they'd need to specifically enable it .. ? Yes they would specifically need to add "idea" to their USE flags. >...Is there any documentation re; standard and optional commercial packages ? not sure what you mean here. >...My code sort of relies on being able to interpret this information with a view to making sure a resulting product is "free". The gnupg package in the portage tree that breaks my code ... Something like: http://forums.gentoo.org/viewtopic.php?t=96224&highlight=acceptlicense&sid=6755f14c0604104c923f64be3c62a015 ACCEPT_LICENSE has been proposed for a bit. Talk to the portage devs on irc in #gentoo-portage and they may point you in the right direction as to how to handle this. The structure that I have used I believe that a subroutine that can parse it. /usr/portage/eclass/eutils.eclass also contains a bit in check_license and your right the construct here does break it. I think I have helped as much as I can. Hi Gareth, the variable is correct, the optional idea module is subject to patent restrictions in some countries. Although the code itself is gpl-2 in countries where that is permitted, mediacrypt (the company that owns IDEA), imposes restrictions on it's use and distribution where their patent applies (basically, free to use for personal and some educational uses, but not for commercial). the idea module is genuinely useful, people decrypting/verifying messages created with older versions of pgp need it, and it's been requested several times. the new syntax for LICENSE is in preparation for the new ACCEPT_LICENSES features, the IDEA license will only apply with the idea USE flag set. |
