Red Hat Bugzilla – Bug 202524
crypto-utils has a bad license and should be removed.
Last modified: 2013-01-09 23:02:08 EST
This bug is filed as part of the FSF compatible licensing audit of Fedora:
Crypto-utils contains three pieces of code, with three different licenses:
- librand (AT&T BSD, OK)
- Makerand (GPL or Artistic, OK)
- keyrand (PGP license found here:
ftp://ftp.pgpi.org/pub/pgp/2.x/doc/pgpdoc2.txt, NOT OK)
The keyrand code is under the PGP license, which is pretty restrictive, and not
very open source compatible (it has restrictions on commercial use). Since
keyrand seems to be pretty pivotal for the other bits of crypto-utils, this
package should be removed from the distribution and CVS ASAP.
I've done some repo queries and I can't find anything that uses this. Joe, do
you forsee any problems removing this package from the distribution?
The user uses it! It's the only excuse for a cert generation tool we have.
I built -2.3-1 yesterday which replaces the PGP licensed stuff with a poor man's
keyrand I wrote from scratch, I just need to test this and it can go in.
It works fine, marking closed.