Review Request: jss - Java Security Services (bz#230262)
Warren Togami
wtogami at redhat.com
Thu May 10 03:32:25 UTC 2007
Margaret Lum wrote:
>> As discussed in the past on fedora-extras-list and other mediums, it
>> may be impossible to ship this in Fedora or RHEL signed because that
>> is in conflict with our licenses and guarantees of reproducibility.
>>
> IIRC, there was a consensus (which perhaps others on this list can
> correlate) that we can forego signing this package in Fedora. However,
> the proprietary version will still be signed.
Right, unsigned in Fedora. Proprietary or 3rd party apps needing a
signed JAR would need to provide it from a separate source. Can you
confirm that it could be parallel installed without much trouble?
>>
>> Red Hat (the company) could (pending legal approval) choose to proceed
>> with this as part of an internal product. But as the rules stand
>> today, Fedora cannot ship this signed.
> We will ship this UNsigned, in Fedora. Can approval be re-evaluated?
Right, yes it can.
Warren Togami
wtogami at redhat.com
More information about the devel
mailing list