Am Dienstag, 18. März 2008 19:52:02 schrieb Timothy J Miller: > On Mar 18, 2008, at 1:23 PM, Andreas Jellinghaus wrote: > > no. but puttysc claims to be GPL'ed, which is quite stupid - I don't > > know of > > any GPL compatible pkcs#11 implementation. (opensc is not - we use > > openssl... > > and pkcs#11 header files (the original) are GPL incompatible too.) > > Huh? RedHat's libcoolkeypk11 and MUSCLE's libmusclepk11 are both > GPL'd or GPL compatible PKCS#11 modules. And NSS is Mozilla licensed, > which implements the calling end.
at least mozilla uses or did use the original pkcs#11 header file and my reading of the license is: - the formulation is quite vague - but in effect it is very similar to the BSD4 advertising clause (only worse because of the vague wording - "all material" or something like that) - BSD4 is GPL incompatible - the discussion is quite old, but to my knowledge that was the consensus. openssl has a BSD4 style license and everyone says it is GPL incompatible / authors using it and GPL should add an exception. the bigger problem is distributions: if they take the license serious, they have a huge headache to make sure they are complient. for example the text in debian package description mentions PKCS#11 I think, but it doesn't say "RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki)" and thus violates the license. I don't say that rsa labs will send lawyers out to sue anyone. I don't think anything like that will happen at all. But if you want other people to respect your copyright and licenses on your code, you should start respecting other peoples copyright and licenses first. and using PKCS#11 without proper attribution is a breach of that license - even if the license is a very stupid one, and it is also stupid that standard header files have such strings attached at all. well, that is my point of view, you might come to a different conclusion. hope it helps! Regards, Andreas p.s. feel free to forward this to other people affected. opensc and gnupg/scute use a re-written pkcs#11 header file that has maybe not 100% of the definitions (we only added what we support / needed), but is compatible and works for us - and is like public domain. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
