[Fedora-legal-list] Re: Legal Problem: md5 implementation
Tom "spot" Callaway
tcallawa at redhat.com
Tue Sep 18 15:50:18 UTC 2007
On Tue, 2007-09-18 at 09:36 -0400, Tom "spot" Callaway wrote:
> HOWEVER: RSA did make an MD5 implementation, which is under their
> license (a BSD with advertising style license). If your code is using
> that implementation, we need to replace it with an MD5 implementation
> that is under a GPL compatible license.
To clarify:
Originally, the RSA MD5 implementation was released as public domain
code. At some point, RSA slapped BSD with advertising on that code.
If the RSA md5 implementation has this license text in it:
"License to copy and use this software is granted provided that it
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
Algorithm" in all material mentioning or referencing this software
or this function."
Then, it is under the BSD with advertising style license, and we need
to replace that code (since we cannot legally relicense it).
If for some reason, the RSA MD5 implementation does not have that license
text, it can be interpreted as being in the public domain from the original
release, and you do not need to replace it.
This is tricky, because reverting to the public domain code would be the same
as simply removing the license, and we cannot do that.
~spot
More information about the legal
mailing list