Re: Maxmind GeoIP/Geolite license change

2020-01-03 Thread Patrick Matthäi


Am 04.01.2020 um 01:53 schrieb Faidon Liambotis:
> On Sat, Jan 04, 2020 at 12:44:49AM +0100, Patrick Matthäi wrote:
>> So if we are not allowed to distribute it anymore we have got the
>> following options:
>>
>> 1) we keep the the current free database in our repository, which is
>> free and works. We dont care about the precision after X years (not our
>> fault)
> That would be (very) misleading and I'm not sure if it would be in the
> service of our users. The data gets stale really quick --I think it was
> something like 2-5% loss per month? My opinion is that shipping no data
> is better than shipping garbage data...

I support this opionion for 100%.


>> 2) we drop the database package. Also if it is something like contrib,
>> but if there is no free working alternative, shouldnt we (as in Debian
>> as open source community) then also remove all libraries and
>> implementations using GeoIP from Maxmind from our repositories? 
> I don't agree with that; the libraries are free-libre, the file format
> is open and freely documented (CC-BY-SA 3.0), and there are both readers
> and writers for those formats in the archive. There are even
> free-as-in-beer databases available in the wild, although that wouldn't
> even be a requirement IMO. There is nothing in the DFSG that says that
> software is free-libre only if it operates on publicly available
> free-libre data.

We have got many similar examples in another category: games
Old games like Quake, Red Alert, Roaler Coaster Tycoon etc etc, the game
code now itself is free: sometimes reverse engin., new code or open
sourced by the publisher itself. But often the required game data
(images, videos, etc) are not distributable and required from the
original cd-rom.

So the game code itself is free, but we have to put it in contrib,
because it is only useable with non-free data.
This is exactly the situation with geoip now: there is so much free
code, but it is only useable with a non-free additional.

That also means every software depending on that/compiling on that is
also contrib and so on not main/free anymore. A desaster


>
>> 3) We/others/I and others start a fork: I would welcome volunters to
>> start a fork to maintain the database, so that it is not useless in a
>> few years, but this is also one of my last options. I would like to have
>> a solution with Maxmind together.
> I wouldn't mind that option of course, but I have my doubts it'd be
> successful... That's essentially MaxMind's entire business that you'd be
> trying to replicate, after all :)

Correct ;)
But I also have to think about some other ways. And Debian is not the
only distribution with this problem now


>
> How about option (4):
> - We drop geoip-database, assuming that we determine we can't legally
>   distribute it anymore, or ship it in non-free if we determine we can.
>   [I haven't read the terms yet]

I would like to have an expert opinion about the options.. The license
itself sucks and says fcky. If understood the law correctly the it would
be enough to get a free version of the data without any california users
(if in/or country database.. who cares). But the ball is now on the side
of maxmind..


>
> - We let users generate and/or ship their own MMDBs. For example,
>   organizations may have internal data in their databases of sufficient
>   accuracy that they can use to generate MMDBs and use them locally.

This would move all packages linking again libgeoip then to contrib


>
> - Optionally, users can also use geoipupdate, which is already in Debian
>   (and in contrib). They can sign up on maxmind.com, for either a free
>   or paid account, configure geoiupdate with their username & license
>   key and get fresh and up-to-date databases. They can continue to use
>   all MMDB/GeoIP2 software as they previously did.
Again to contrib
>
> Definitely not as easy to set up or practical as the previous situation,
> but still better than options 1-3 I think :)
>
>> So @Maxmind:
>>
>> 
> My intepretation of the change is very different than yours, but I'll
> avoid speaking for MaxMind folks here :)
>
> Regards,
> Faidon



Re: Maxmind GeoIP/Geolite license change

2020-01-03 Thread Patrick Matthäi
Hi,

I have added Greg from Maxmind: please forward it if you are not the
correct contact for it.

Am 03.01.2020 um 18:32 schrieb Florian Weimer:
> * Patrick Matthäi:
>
>> [1]: https://www.maxmind.com/en/geolite2/eula
> | 3. Destructions of GeoLite2 Database and GeoLite2 Data. From time to
> | time, MaxMind will release an updated version of the GeoLite2
> | Databases, and you agree to promptly use the updated version of the
> | GeoLite2 Databases. You shall cease use of and destroy (i) any old
> | versions of the Services within thirty (30) days following the
> | release of the updated GeoLite2 Databases; and (ii) all Services
> | immediately upon termination of the license under this
> | Agreement. Upon request, you shall provide MaxMind with written
> | confirmation of such destruction.
>
> That looks thoroughly non-free to me, and it is also highly
> impractical.  It appears to be the intent that this clause overrides
> the permissions normally afforded by the CC-BY-SA license.

And I think you mean non-free as in "not distributable at all", not like
a candidate for Debians unoffical non-free repository? Because of this
clause I also would say that we are not allowed to distribute it.

So if we are not allowed to distribute it anymore we have got the
following options:

1) we keep the the current free database in our repository, which is
free and works. We dont care about the precision after X years (not our
fault)
2) we drop the database package. Also if it is something like contrib,
but if there is no free working alternative, shouldnt we (as in Debian
as open source community) then also remove all libraries and
implementations using GeoIP from Maxmind from our repositories? That are
plenty of packages with quite high popcon, like bind9, apache, nginx,
nearly everthing.. The technical way would be something I would dicuss
on debian-devel@, but from the -legal view I would recommend removing
geoip support at all is a better legal choice as implementing APIs and
modules relying on realy non-free stuff, what do you think?
This would be definitly the death of geoip solutions at all in the
future in my opionion. (but it is not my choice)
3) We/others/I and others start a fork: I would welcome volunters to
start a fork to maintain the database, so that it is not useless in a
few years, but this is also one of my last options. I would like to have
a solution with Maxmind together.

So @Maxmind:

a) Correct me if I am wrong, but you care abot a california law which
states that you are not allowed to sell/provide california data: This
only applies on your city database, not on your country database

b) I am not bounded against any US or california law, but I - with my
geoip Debian hut on - wouldnt have any problem with providing an
open-source free geolite country database, where all US california IPs
are removed before. Did you considered that, providing this for your
paid services?



Maxmind GeoIP/Geolite license change

2020-01-03 Thread Patrick Matthäi
Hi,

[please add me to CC, I am not subscribed]

Maxmind announced - and now with the new year it is effective - that
they had to change the license and the ways how they have to distribute
the databases, because of some new california law, see [0].

I have got access to the new sources and the license file states:

"Use of this MaxMind product is governed by MaxMind's GeoLite2 End User
License Agreement, which can be viewed at
https://www.maxmind.com/en/geolite2/eula.
This database incorporates GeoNames [https://www.geonames.org]
geographical data, which is made available under the Creative Commons
Attribution 4.0 License. To view a copy of this license, visit
https://creativecommons.org/licenses/by/4.0/.;

So before I may have to raise this topic to debian-devel@ I would like
to hear your thoughts about this license [1] and what is now possible
for Debian and what not, e.g. not main, but non-free, filtering, I have
got no idea..

[0]:
https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
[1]: https://www.maxmind.com/en/geolite2/eula

-- 
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

  Blog: http://www.linux-dev.org/
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/




Re: Bug#550860: ITP: gnaughty -- downloader for adult content

2009-10-14 Thread Patrick Matthäi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Philipp Kern schrieb:
 On 2009-10-14, Russ Allbery r...@debian.org wrote:
 But also if the _free_ software is for downloading etc. pay-only content
 like music, I do not think that it has to enter contrib, because it does
 not has got a real dependenie on non-free stuff.
 Yeah, it's a bit of a marginal case.  We have, for instance, Perl modules
 to talk to the Amazon APIs in main, although in most of those cases the
 API is relatively open and some other sites also implement it.
 
 The appearance of Eucalyptus is pretty recent, though.  So you'd need to
 wait until a free service of an API gets released?  How feature complete
 does it need to be?  If I release a compliant porn directory with only one
 pic, would that be appropriate?  And I could easily make it non-porn too.
 
 zsnes used to be in contrib, but somebody made the case that there could
 be, in fact, free roms, because the way how to program the box is not
 exactly secret anymore.  (If they would be buildable on Debian is another
 question.)  It lives in main now and my gut feeling is that it's the right
 thing to do, given that the code base is free to modify, share and gives
 you the usual rights of a free software license (here: GPL2).


Please move this whole discussion to debian-legal now.

- --
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

E-Mail: pmatth...@debian.org
patr...@linux-dev.org

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkrWTt0ACgkQ2XA5inpabMfMkgCZAa1TyfmAqpzQN+I15vl2pohe
5lEAni039ylmJ95ylOC3RWVX/hmGnHJU
=JCXs
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Re: Serious problem with geoip - databases could not be build from source

2009-08-27 Thread Patrick Matthäi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Patrick Matthäi schrieb:
 Hello lists and maxmind,
 
 (please CC me in your replys, I am not subscribed to debian-legal@ and
 debian-devel@, thanks).

I am now, so ignore it. :)

.

 But I have got a serious problem with it:
 1) upstream delivers the databases only as binary .dat files
 2) csv versions of the free databases are available
 3) upstream isn't cooperative to tell us how to build the binary files
 from the csv (source) files

Here are the results:

- - With the great help from Kalle Olavi Niemitalo it is now possible to
build a good working GeoIP.dat from source, nice work!
- - Upstream does not provide (anymore?) csv files for the IPv6 database,
I asked them to do so, then we are possible also able to to provide this
database in the Debian packages.
- - I added several scripts which are useable for cron.d:
geoliteasnum.sh: the ASNUM edition
geolitecityupdate.sh: The city database
geolitecountryv4.sh: The classic Country database (IPv4)
geolitecountryv6.sh: The IPv6 country database

 
 I tried to fix this issue together with upstream, but his decision was,
 that we should remove the database(s) from the tarball and let them
 download at install time, this would be a candidate for contrib.
 
 If Boris Zentner ACKs with it I will publish the mailing result of us.

Since I opened up this discussion, they didn't replied to any of my mails.

 
 I disagree with it, because of the reverse dependencies.
 GeoIP is also not a candidate for main without any database, because the
 whole library isn't usefull in any manner then.

Now it is safe.


 Currently I see only three options:
 1) upstream decides to open his build system

Maybe they will decide to do so in the future, I hope it.

 2) we move it to contrib with all consequences
 3) we leave it as it is
 
 2) would be a disaster in my and many other eyes, 3) would be an
 exception of the DFSG, 1) is in my opinion the only acceptable solution
 for this problem.
 
 I hope you could help me. :)

Thanks for all your hints and work!

- --
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

E-Mail: pmatth...@debian.org
patr...@linux-dev.org

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqWv2wACgkQ2XA5inpabMf5QACfbwFrZGKVUgoQGsAfMvMngCb1
OrIAnAuLMqqq+QhEv57wlm9EKC70yL1m
=bSR/
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



RE: Serious problem with geoip - databases could not be build from source

2009-08-26 Thread Patrick Matthäi
Le mercredi 26 août 2009 à 11:09 +0200, Bjørn Mork a écrit : 
 You are aware of the GPLv3 licensed database at 
 http://software77.net/geo-ip/ ?

Woohoo, nice. Combine this with Julien’s idea to implement support for a new 
database format, and I think you have the correct solution.

And who ports it to this database format (they are incompatible) and maintains 
it in the future?

I think this job may be as hard as reverse eng. it, or?

Cheers.


Re: Serious problem with geoip - databases could not be build from source

2009-08-26 Thread Patrick Matthäi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Alexander Cherepanov schrieb:
 Hi Bjørn!
 On Wed, 26 Aug 2009 11:09:35 +0200, Bjørn Mork bj...@mork.no wrote:
 
 Somebody would help me contacting and convincing the RIRs about
 a free geoIP database?
 

 I believe such usage can be considered within the RIRs AUPs, provided
 that you follow their guidelines for bulk downloads and only
 redistribute a small subset of the data (i.e. only the country attribute
 of the inetnum objects).

 You are aware of the GPLv3 licensed database at
 http://software77.net/geo-ip/ ?

 This database is used by Geo::IPfree, and probably other applications
 already part of Debian.
 
 There is another geo-ip db packaged in Debian -- tor-geoipdb (used by 
 Tor).
 
 But the problem described in the original mail is that it's unknown 
 how to derive binary data file from source data, not absence of free 
 data. So available alternatives will not help here.
 
 But looking into all this led to a bunch of questions for 
 debian-legal.
 
 1. maxmind. Web page[1] show that C code is under LGPL but data files 
are under Open Data License (BSD-like + fixed text acknowledgment --
slightly non-free?). However Debian copyright file lists only LGPL. 
Patrick, is it an informed decision or a bug?

I am aware of it, my plan was to fix first the source - dat problem and
then in the same way the license.

The license for the source database is free.

 
 2. tor-geoipdb. First, license[1] is not very clean and also contains 
fixed text acknowledgment -- is it free? Second, Some parts of the 
IP-to-Country Database are derived from APNIC, ARIN, LACNIC and RIPE 
databases whose copyright details are given below and lack free 
licenses. Undistributable?
 
Debian copyright file doesn't include RIR Licenses part for some 
reason.
 
 3. http://software77.net/geo-ip/ . How is it possible for their data 
to be licensed under GPL when the data seems to come directly from 
RIRs?

Is this *realy* our job? We do not know from where the data is and if
they come from RIR = maybe there is some silent acknowledgment.

Also someone noted in the thread (I think on devel it was) that the data
may be used in limited editions (e.g. only the associated country, but
not the contact informations).

- --
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

E-Mail: pmatth...@debian.org
patr...@linux-dev.org

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqVZOQACgkQ2XA5inpabMdjIgCfbhr6LnLrqH3bZo/32LSaN0xS
cawAn3zpNN4/yp9ETLv+Ov0DuJ6sgFiv
=V1wc
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Serious problem with geoip - databases could not be build from source

2009-08-25 Thread Patrick Matthäi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hello lists and maxmind,

(please CC me in your replys, I am not subscribed to debian-legal@ and
debian-devel@, thanks).

First some facts:
- - geoip is installed/used by many users, popcon reports something like 20%
- - Some more packages are in the reverse dependency list
- - Much much much more packages are in the reverse reverse dependency
list of it


GeoIP is a quite usefull library for geolocation.
It has got a stable ABI/API and upstream is normaly very helpfull with
patches and issues.

But I have got a serious problem with it:
1) upstream delivers the databases only as binary .dat files
2) csv versions of the free databases are available
3) upstream isn't cooperative to tell us how to build the binary files
from the csv (source) files

I tried to fix this issue together with upstream, but his decision was,
that we should remove the database(s) from the tarball and let them
download at install time, this would be a candidate for contrib.

If Boris Zentner ACKs with it I will publish the mailing result of us.

I disagree with it, because of the reverse dependencies.
GeoIP is also not a candidate for main without any database, because the
whole library isn't usefull in any manner then.


Currently I see only three options:
1) upstream decides to open his build system
2) we move it to contrib with all consequences
3) we leave it as it is

2) would be a disaster in my and many other eyes, 3) would be an
exception of the DFSG, 1) is in my opinion the only acceptable solution
for this problem.

I hope you could help me. :)

- --
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

E-Mail: pmatth...@debian.org
patr...@linux-dev.org

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqUHgAACgkQ2XA5inpabMdu4QCgrN4zZveJ7kqV7+bujaaTjFaM
hxcAnRlfuZeQAy3bbB10RPYyu/3iUzDK
=s36I
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Re: Serious problem with geoip - databases could not be build from source

2009-08-25 Thread Patrick Matthäi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

MJ Ray schrieb:
 Patrick Matthäi pmatth...@debian.org wrote:
 GeoIP is a quite usefull library for geolocation.
 It has got a stable ABI/API and upstream is normaly very helpfull with
 patches and issues.
 [...]
 Currently I see only three options:
 1) upstream decides to open his build system
 2) we move it to contrib with all consequences
 3) we leave it as it is
 
 4) we deduce the build system by looking at the CSVs and how the
 library uses the binary dat files, then junk the upstream-built
 dat files.  I've no idea if this is feasible, but it's another
 option.

This is also an option, I have got one serious semi ACK for reverse
engenierng it, but it is also on my list of last choices.

 
 It seems a shame if an upstream wants a library removed from the
 debian operating system and uses data files to achieve that, but
 shouldn't we respect that for now?

It is unacceptable for Debian and many other distributions.
It is in my eyes also unacceptable for the business model of maxmind,
because there *will* be less customers for their commercial database
version if distributions/authors drop GeoIP support, because it is non-free.

- --
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

E-Mail: pmatth...@debian.org
patr...@linux-dev.org

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqUKKcACgkQ2XA5inpabMfvmgCfTiHxsxw0sVhi+DmnBh206nts
0nAAn3f+Qz2X/IYt/9oSKS8igw9Ji476
=AnXl
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Re: deluge and GeoIP database license

2008-11-25 Thread Patrick Matthäi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Cristian Greco schrieb:
 On Mon, Nov 24, 2008 at 08:09:45PM +0100, Patrick Matthäi wrote:
 
 Yeah it was considered non-free. I adopted the package and fixed the
 issues together with the upstream authors. It is fixed since I am
 repackaging it with a dfsg tarball.
 
 I see your point here.
 
 I had a look at your geoip package in experimental (1.4.5.dfsg-1). You
 removed the string All Rights Reserved from the GeoIP database using:
 
 $ sed 's/ All Rights Reserved//' -i data/GeoIP.dat
 
 In effect, the GeoLiteCountry database used by deluge has the very same
 problem:
 
 $ wget 
 http://www.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
 $ gunzip GeoIP.dat.gz
 $ strings GeoIP.dat 
 GEO-106FREE 20081101 Build 1 Copyright (c) 2007 MaxMind LLC All Rights 
 Reserved
 
 I guess I'll ask MaxMind for a similar permission to change the
 copyright statement and then I'll repackage the source tarball.
 
 Any suggestion?

At least you are free to remove it from your copy also, it is not
restricted for Debian-only (what would be non-free per DGSG).
See debian/README.Debian-source.

Anyway it would be still a RC bug if you embedde code copys in your package.

If you *realy* just need the database file (not the library itself) you
could also depend on the new geoip-database package from experimental,
which just includes the database, but I do not recommend this.

- --
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: [EMAIL PROTECTED]

Comment:
Always if we think we are right,
we were maybe wrong.
*/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkksXj8ACgkQ2XA5inpabMdUXQCfT7lDyYU2MtZKCBnKeOplkf6h
fVsAn0Y9CTSD8KiueMR712jrMssFDDZy
=4MUL
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Re: deluge and GeoIP database license

2008-11-24 Thread Patrick Matthäi
Cristian Greco schrieb:
 Hi all,
 
 I'm working for a new upload of deluge[0] (bittorrent client).
 
 The source tarball includes a GeoLite Country (binary) database by
 MaxMind, which should be distributed using the license[1] below.

Please do not ship any copys of the database, such things are serious.

 
 I've found that ktorrent (CCing to pkg-kde-extras, please CC your
 replies because I'm not subscribed) uses the same DB by MaxMind, but
 that license has been considered non DFSG-free two years ago by the
 list[2].

Yeah it was considered non-free. I adopted the package and fixed the
issues together with the upstream authors. It is fixed since I am
repackaging it with a dfsg tarball.


-- 
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: [EMAIL PROTECTED]

Comment:
Always if we think we are right,
we were maybe wrong.
*/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Re: TrueCrypt License 2.5

2008-10-19 Thread Patrick Matthäi
Philipp Hübner schrieb:
 The click-wrap mechanism wouldn't be a problem, sun-java does the same.
 If this is the only difficulty I'd give it a try.

sun-java is in non-free.
Click-wrap licensee mechanisms makes the license non-free if you are not
allowed to remove this mechanism from the source code - if you are
allowed to remove it from the source, then do it and it is fine.

-- 
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: [EMAIL PROTECTED]

Comment:
Always if we think we are right,
we were maybe wrong.
*/


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Re: TrueCrypt License 2.3

2008-03-30 Thread Patrick Matthäi
 available version or
derivative of this code cannot be changed. i.e. this code cannot simply be
copied and put under another distribution licence
[including the GNU Public Licence.]


Copyright (C) 2002-2004 Mark Adler, all rights reserved
version 1.8, 9 Jan 2004

This software is provided 'as-is', without any express or implied
warranty. In no event will the author be held liable for any damages
arising from the use of this software.

Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:

1. The origin of this software must not be misrepresented; you must not
   claim that you wrote the original software. If you use this software
   in a product, an acknowledgment in the product documentation would be
   appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
   misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.


Copyright (c) 2001 Markus Friedl. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.





-- 
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Re: TrueCrypt License 2.3

2008-01-13 Thread Patrick Matthäi

Måns Rullgård schrieb:

Patrick Matthäi [EMAIL PROTECTED] writes:


Hello,

I wanted to package maybe truecrypt for Debian.
There was an older discussion on l.d.legal for an older version of the
TrueCrypt license, where the most developers said, that it is not
distributeable.

But as I know TrueCrypt has modified the license, so that more
distributions could ship it.

Here it is: http://www.truecrypt.org/license.php

I'm not a lawler, so what do you mean, is this license free or when
not could I distribute it in non-free?


At a glance, the bits that might be controversial appear to be a few
naming restriction clauses and some advertising clauses.  I don't see
anything restricting use or distribution.

IANAL


Thanks,

sounds good :)

--
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: [EMAIL PROTECTED]
Homepage: http://www.Linux-Dev.org/


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



TrueCrypt License 2.3

2008-01-12 Thread Patrick Matthäi

Hello,

I wanted to package maybe truecrypt for Debian.
There was an older discussion on l.d.legal for an older version of the 
TrueCrypt license, where the most developers said, that it is not 
distributeable.


But as I know TrueCrypt has modified the license, so that more 
distributions could ship it.


Here it is: http://www.truecrypt.org/license.php

I'm not a lawler, so what do you mean, is this license free or when not 
could I distribute it in non-free?


--
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: [EMAIL PROTECTED]
Homepage: http://www.Linux-Dev.org/


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]