Re: [IP Clearance] Apache Milagro - Decentralized Trust Authority

[Brian Spector]

Hi Justin/Everyone,

Apologies, 3rd times' a charm. The team compiled a list of libraries we are 
linked to (which includes IPFS libs) and their licenses. This linking happens 
during build time, and for the most part, these aren't included in the source 
libraries (although some are).

They are below. Does anyone see any issues?

ISC github.com/btcsuite/btcd
ISC github.com/btcsuite/btcutil
Apache 2.0  github.com/coreos/go-oidc
MIT github.com/go-kit/kit
MIT github.com/go-test/deep
Apache 2.0  github.com/go-yaml/yaml
BSD-3-Clausegithub.com/gogo/protobuf
BSD-3-Clausegithub.com/golang/protobuf
BSD-3-Clausegithub.com/google/uuid
BSD-3-Clausegithub.com/gorilla/mux
MIT github.com/ipfs/go-datastore
MIT github.com/ipfs/go-ds-leveldb
MIT/Apache  github.com/ipfs/go-ipfs
MIT github.com/ipfs/go-ipfs-api
MIT github.com/ipfs/go-ipfs-config
MIT github.com/ipfs/go-ipfs-files
MIT github.com/ipfs/interface-go-ipfs-core
MIT github.com/libp2p/go-libp2p-crypto
MIT github.com/libp2p/go-libp2p-peer
MIT github.com/multiformats/go-multihash
Apache 2.0  github.com/mwitkow/go-proto-validators
BSD-2-Clausegithub.com/pkg/errors
Apache 2.0  github.com/prometheus/client_golang
MIT github.com/stretchr/testify
MIT github.com/tyler-smith/go-bip39
MIT go.etcd.io/bbolt
MIT gopkg.in/go-playground/validator.v9

Thanks
Brian

On 28/08/2019, 08:01, "Brian Spector"  wrote:

Yes, apologies, we also have a reliance on GoKit, which is also licensed 
under MIT: https://github.com/go-kit/kit/blob/master/LICENSE

The original location was a private repo managed by Qredo Ltd.

We'll get the headers cleaned up asap.

On 28/08/2019, 00:47, "Justin Mclean"  wrote:

Hi,

Is there any 3rd party code in this donation (other than IPFS)? I note 
there’s a number of files without headers (and some with ASF headers, possibly 
incorrectly?) and that make it’s a little hard to review the IP of this 
donation.

I assume the code base was only placed at [1] for connivance, where was 
the original location? Did it originally come from another external repo?

Thanks,
Justin 

1. https://github.com/apache/incubator-milagro-dta 




smime.p7s
Description: S/MIME cryptographic signature

Re: [IP Clearance] Apache Milagro - Decentralized Trust Authority

[Brian Spector]

Yes, apologies, we also have a reliance on GoKit, which is also licensed under 
MIT: https://github.com/go-kit/kit/blob/master/LICENSE

The original location was a private repo managed by Qredo Ltd.

We'll get the headers cleaned up asap.

On 28/08/2019, 00:47, "Justin Mclean"  wrote:

Hi,

Is there any 3rd party code in this donation (other than IPFS)? I note 
there’s a number of files without headers (and some with ASF headers, possibly 
incorrectly?) and that make it’s a little hard to review the IP of this 
donation.

I assume the code base was only placed at [1] for connivance, where was the 
original location? Did it originally come from another external repo?

Thanks,
Justin 

1. https://github.com/apache/incubator-milagro-dta 



smime.p7s
Description: S/MIME cryptographic signature

Re: [IP Clearance] Apache Milagro - Decentralized Trust Authority

[Justin Mclean]

Hi,

Is there any 3rd party code in this donation (other than IPFS)? I note there’s 
a number of files without headers (and some with ASF headers, possibly 
incorrectly?) and that make it’s a little hard to review the IP of this 
donation.

I assume the code base was only placed at [1] for connivance, where was the 
original location? Did it originally come from another external repo?

Thanks,
Justin 

1. https://github.com/apache/incubator-milagro-dta 

[IP Clearance] Apache Milagro - Decentralized Trust Authority

[Brian Spector]

Hi All,

 

Apache Milagro received a donation of a software client called a Decentralized 
Trust Authority, which is built upon the Apache Milagro Crypto-C library. This 
software client is part of the evolution of Apache Milagro. It is in its own 
repo at: https://github.com/apache/incubator-milagro-dta

 

This donation contains the ‘in-development’ alpha version of the new 
Decentralized Trust Authority software client which we would like to release 
broadly in a series of staged releases until a final GA version in Q4. We would 
like to get the alpha release out asap, followed by a beta, then an RC1 and 
finally a GA version.

 

The vision is that the D-TA will be the server process that functions as the 
master key generation server for a) issuing Type-3 pairing/identity based 
secrets for M-Pin clients and servers (the original D-TA version) and b) 
safeguard shares of secrets, like Bitcoin private keys, as an example.

 

The problem with the initial version of the M-Pin client/server code into 
Milagro was that there was no standardized way to issue identity based secrets 
for M-Pin clients and servers, and a Trust Authority was conflated with the 
authentication server. This fixes that design limitation and enables a broader 
set of functional use cases to be addressed, particular for protecting 
cryptocurrency private keys and other high value secrets.

 

The D-TA contains a dependency on an embedded IPFS service, which is licensed 
under the non-conflicting MIT license: 
https://github.com/ipfs/ipfs/blob/master/LICENSE

 

The IP clearance form can be found at:

http://incubator.apache.org/ip-clearance/milagro-dta.html

once the website updates. The XML form has been posted to: 
https://svn.apache.org/repos/asf/incubator/public/trunk/content/ip-clearance/milagro-dta.xml
 and the index.xml file has been updated.

 

The commit containing the donation can be found at:

https://github.com/apache/incubator-milagro-dta/commit/e1067aef61dc0b2a523348dc9b71eb578983c9ee

 

Please vote to approve this contribution. Lazy consensus applies:

if no -1 votes are being cast within the next 72 hours, the vote passes.

 

Thank you for your support,

Brian

 

Brian SpectorChief Product and Strategy OfficerQredo LtdT: +44 13948257641 
Primrose StreetLondon, UK EC2A 2EXhttps://qredo.com Qredo Ltd is a limited 
company registered in England and Wales (registered number 7834052).  This 
e-mail and any attachments are confidential, and are intended only for the 
named addressee(s).  If you are not the intended recipient you may not copy, 
disclose to anyone else or otherwise use the content of this e-mail or any 
attachment thereto and should notify the sender immediately and delete them 
from your system.

 

 



smime.p7s
Description: S/MIME cryptographic signature