[Fedora-legal-list] Re: Legal Problem: md5 implementation
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Tue Sep 18 14:11:07 UTC 2007
"Tom \"spot\" Callaway" <tcallawa at redhat.com> writes:
>> http://www.ietf.org/ietf/IPR/RSA-MD-all states
>>
>> | ...
>> | implementations derived from the reference C code in RFC-1319, RFC-1320,
>> | and RFC-1321, may be made, used, and sold without license from RSA for
>> | any purpose.
>>
>> This seems to allow relicensing with any license (inclusive GPL), doesn't
>> it?
>
> Yes, but the way it is worded is specific. You may make MD5 implementations
> based on the RFC code, used them, and even sell them without license from
> RSA.
>
> HOWEVER: RSA did make an MD5 implementation,
This implementation is equal to the reference C code in RFC-1321 (which
seems to be GPL compatible accordingly the statement above).
> which is under their license (a BSD with advertising style license). If
> your code is using that implementation,
So the question is, whether code was created by a copy & paste operation
or by downloading a C file? Dunno, how I can check which method was
used...
Enrico
More information about the legal
mailing list