2007/9/18, Tim Ellison <[EMAIL PROTECTED]>:
> Mikhail Loenko wrote:
> > I think it's OK to keep it. It's written according to
> > http://www.ietf.org/rfc/rfc2246.txt
>
> Depends what you mean by "it". I agree that its ok for us to keep the
> references to the algorithm, but we should not be redistributing the
> implementation of the algorithm.
Yes, I meant the code in CipherSuite.java
>
> Regards,
> Tim
>
>
> > 2007/9/18, Tim Ellison <[EMAIL PROTECTED]>:
> >> Mikhail Loenko wrote:
> >>> 2007/9/18, Tim Ellison <[EMAIL PROTECTED]>:
> >>>> There is a discussion over at the incubator general mailing list (e.g.
> >>>> [1]), amongst other places, about the redistribution of BouncyCastle
> >>>> code from ASF machines.
> >>>>
> >>>> The crux is that we can't redistribute BC's IDEA implementation as it is
> >>>> subject to a known patent for which we don't have a grant/license.
> >>>>
> >>>> We'll have to change our current practice of publishing binaries that
> >>>> include BC unmodified. The resolution seems to be maintaining a local
> >>>> copy of the BC JAR without the offending algorithm. I expect we would
> >>>> have to unsign the JAR too when modified.
> >>>>
> >>>> Do we have any dependencies upon IDEA? I see some references in the
> >>>> JSSE cipher suite code,
> >>> Reference to IDEA?
> >> just grepping:
> >>
> >> modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
> >> 107: static byte[] code_TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00, 0x07 };
> >> 157: static CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = new CipherSuite(
> >> 158: "TLS_RSA_WITH_IDEA_CBC_SHA", false, KeyExchange_RSA,
> >> "IDEA_CBC",
> >> 159: "SHA", code_TLS_RSA_WITH_IDEA_CBC_SHA);
> >> 256: TLS_RSA_WITH_IDEA_CBC_SHA,
> >> 417: } else if ("IDEA_CBC".equals(cipherName)) {
> >> 418: this.cipherName = "IDEA/CBC/NoPadding";
> >>
> >>
> >> Regards,
> >> Tim
> >>
> >
>
