Bug 1012269 - bouncycastle: implements elliptic curve cryptography
Summary: bouncycastle: implements elliptic curve cryptography
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: bouncycastle (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: Unspecified Unspecified
unspecified
high
Target Milestone: ---
Assignee: Mat Booth
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On: 319901
Blocks: FE-Legal
TreeView+ depends on / blocked
 
Reported: 2013-09-26 07:19 UTC by Mikolaj Izdebski
Modified: 2014-06-25 14:23 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-06-25 14:23:04 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Mikolaj Izdebski 2013-09-26 07:19:54 UTC
Description of problem:
bouncycastle implements elliptic curve cryptography (ECC), which is patented and therefore not allowed to be included in Fedora.

See bug #319901 for detailed discussion about ECC in OpenSSL package.

Version-Release number of selected component (if applicable):
1.46-10

Steps to Reproduce:
1. unpack package sources
2. grep -i -r elliptic

Comment 1 Mat Booth 2013-09-26 12:56:08 UTC
For me, this really depends on two things:

a) The resolution of bug #319901 -- I'm not about to do any work on this that may be rendered unnecessary (I am a volunteer)

b) Whether bouncycastle actually implements the same allegedly patented algorithms as openssl (I don't think a cursory grep confirms this)

Comment 2 gil cattaneo 2013-09-26 15:00:12 UTC
(In reply to Mat Booth from comment #1)
> For me, this really depends on two things:
> 
> a) The resolution of bug #319901 -- I'm not about to do any work on this
> that may be rendered unnecessary (I am a volunteer)
> 
> b) Whether bouncycastle actually implements the same allegedly patented
> algorithms as openssl (I don't think a cursory grep confirms this)

+1
regards

Comment 3 Mikolaj Izdebski 2013-09-27 06:32:29 UTC
(In reply to Mat Booth from comment #1)
> For me, this really depends on two things:
> 
> a) The resolution of bug #319901 -- I'm not about to do any work on this
> that may be rendered unnecessary (I am a volunteer)
> 
> b) Whether bouncycastle actually implements the same allegedly patented
> algorithms as openssl (I don't think a cursory grep confirms this)

No argument here.  I just thought that it would be nice to track it and that as a new maintainer of bouncycastle you might be not aware of this issue.

Comment 4 Mat Booth 2013-09-27 06:53:43 UTC
Fair enough, thanks for raising the ticket.

Comment 5 Scott Schmit 2013-10-15 10:36:20 UTC
This may now be a non-issue. See bug #319901. CC'ing Tom.

Comment 6 Tom "spot" Callaway 2014-06-25 14:23:04 UTC
After review, I'm pretty sure this is a non-issue. Closing.


Note You need to log in before you can comment on or make changes to this bug.