Bug 202524

Summary: crypto-utils has a bad license and should be removed.
Product: [Fedora] Fedora Reporter: Tom "spot" Callaway <tcallawa>
Component: crypto-utilsAssignee: Joe Orton <jorton>
Status: CLOSED RAWHIDE QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: rawhideCC: dcantrell, sundaram
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-08-18 10:57:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 150224    

Description Tom "spot" Callaway 2006-08-14 21:58:37 UTC 
This bug is filed as part of the FSF compatible licensing audit of Fedora:

Crypto-utils contains three pieces of code, with three different licenses:

- librand (AT&T BSD, OK)
- Makerand (GPL or Artistic, OK)
- keyrand (PGP license found here:
ftp://ftp.pgpi.org/pub/pgp/2.x/doc/pgpdoc2.txt, NOT OK)

The keyrand code is under the PGP license, which is pretty restrictive, and not
very open source compatible (it has restrictions on commercial use). Since
keyrand seems to be pretty pivotal for the other bits of crypto-utils, this
package should be removed from the distribution and CVS ASAP.
Comment 1 Jesse Keating 2006-08-18 02:01:32 UTC 
I've done some repo queries and I can't find anything that uses this.  Joe, do
you forsee any problems removing this package from the distribution?
Comment 2 Joe Orton 2006-08-18 07:38:23 UTC 
The user uses it!  It's the only excuse for a cert generation tool we have.

I built -2.3-1 yesterday which replaces the PGP licensed stuff with a poor man's
keyrand I wrote from scratch, I just need to test this and it can go in.
Comment 3 Joe Orton 2006-08-18 10:57:19 UTC 
It works fine, marking closed.