Re: HTTP Digest auth module for JtR, copyright issues
David, On Sun, Jan 18, 2009 at 08:46:09PM +0100, David Paleino wrote: > Is "GPLv2 or later" ok to you? (that's to ensure inclusion in upstream code) No license choice can "ensure" inclusion, it can merely "allow" for inclusion. OK, I am nitpicking. More importantly, "GPLv2 or later" is not sufficient to allow for inclusion upstream, as I explained in my posting: http://lists.alioth.debian.org/pipermail/pkg-john-devel/2009-January/000232.html Maybe I did not express it clearly enough... By "dual-license" I definitely did not mean just the "v2 or later" thing, I meant "GPL or something more permissive at the user's discretion" - that is, besides GPL there has to be a more permissive license allowing for proprietary derived works. In a follow-up posting, I mentioned that I'd be happy if all contributions, short of those placed in the public domain (which I like best), were licensed under the micro-license found in nonstd.c: * This software may be modified, redistributed, and used for any purpose, * so long as its origin is acknowledged. For the nitpickers, let's extend the suggested license to: This software may be redistributed and used in source and binary forms, with or without modification, so long as its origin is acknowledged. This suggested wording resembles that of 2-clause BSD more closely, yet it replaces the 2 clauses requiring specific attribution with the more premissive wording from Matthew Kwan's micro-license. Matthew Kwan's original wording, quoted above, has the same issue that the ISC license does, where one might claim that redistribution of modified versions was not permitted. See: http://www.fsf.org/licensing/licenses/#ISC Alexander -- Pkg-john-devel mailing list Pkg-john-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-john-devel
Re: HTTP Digest auth module for JtR, copyright issues
> > Is "GPLv2 or later" ok to you? (that's to ensure inclusion in upstream code) It's OK. > > Thank you for your prompt reply. -- Romain Raboin -- Pkg-john-devel mailing list Pkg-john-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-john-devel
Re: HTTP Digest auth module for JtR, copyright issues
On Sun, 18 Jan 2009 20:40:10 +0100, Romain Raboin wrote: > > Hello, > > I'm writing to you because you wrote the module in subject. Trying to > > include the patch for this module into the Debian package for john, I > > encountered some issues: > > 1) no copyright years are given. > >Since a patch cannot convey timestamps information, I cannot infer those > >from anywhere. Please provide one or more years, or a range; > > I wrote this patch during july / august 2008 Thanks for the information. > > 2) no licensing statement is made. > >Please choose a DFSG-free license to ease inclusion into Debian. Also, > > you might want to ask for inclusion upstream, and that has additional > >requirements: > > > > http://lists.alioth.debian.org/pipermail/pkg-john-devel/2009-January/000232.html > >Also Public Domain is fine, but please clearly state it. > > All my work about password cracking was released under GPL license. Is "GPLv2 or later" ok to you? (that's to ensure inclusion in upstream code) Thank you for your prompt reply. Kindly, David -- . ''`. Debian maintainer | http://wiki.debian.org/DavidPaleino : :' : Linuxer #334216 --|-- http://www.hanskalabs.net/ `. `'` GPG: 1392B174 | http://snipr.com/qa_page `- 2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174 signature.asc Description: PGP signature -- Pkg-john-devel mailing list Pkg-john-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-john-devel
HTTP Digest auth module for JtR, copyright issues
> Hello, > I'm writing to you because you wrote the module in subject. Trying to include > the patch for this module into the Debian package for john, I encountered some > issues: > 1) no copyright years are given. >Since a patch cannot convey timestamps information, I cannot infer those >from anywhere. Please provide one or more years, or a range; I wrote this patch during july / august 2008 > 2) no licensing statement is made. >Please choose a DFSG-free license to ease inclusion into Debian. Also, you >might want to ask for inclusion upstream, and that has additional >requirements: > > http://lists.alioth.debian.org/pipermail/pkg-john-devel/2009-January/000232.html >Also Public Domain is fine, but please clearly state it. All my work about password cracking was released under GPL license. > 3) I suppose you're the copyright holder for doc/HDAA_README as well, but I > cannot include it until I'm sure. So please clearly state this as well. Yes I wrote doc/HDAA_README. You can find my work here : http://syscall.eu/romain/ > Please remember to keep the list CCed, so that we can have a public record of > our mailing. Done. -- Romain Raboin -- Pkg-john-devel mailing list Pkg-john-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-john-devel
HTTP Digest auth module for JtR, copyright issues
Hello, I'm writing to you because you wrote the module in subject. Trying to include the patch for this module into the Debian package for john, I encountered some issues: 1) no copyright years are given. Since a patch cannot convey timestamps information, I cannot infer those from anywhere. Please provide one or more years, or a range; 2) no licensing statement is made. Please choose a DFSG-free license to ease inclusion into Debian. Also, you might want to ask for inclusion upstream, and that has additional requirements: http://lists.alioth.debian.org/pipermail/pkg-john-devel/2009-January/000232.html Also Public Domain is fine, but please clearly state it. 3) I suppose you're the copyright holder for doc/HDAA_README as well, but I cannot include it until I'm sure. So please clearly state this as well. Please remember to keep the list CCed, so that we can have a public record of our mailing. Kindly, David Paleino -- . ''`. Debian maintainer | http://wiki.debian.org/DavidPaleino : :' : Linuxer #334216 --|-- http://www.hanskalabs.net/ `. `'` GPG: 1392B174 | http://snipr.com/qa_page `- 2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174 signature.asc Description: PGP signature -- Pkg-john-devel mailing list Pkg-john-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-john-devel