Sam Hartman <hartmans@debian.org> writes: >>>>>> "Jan" == Jan Mojzis <jan.mojzis@gmail.com> writes: > > * Package name : randombytes > Version : 20230126 > Upstream Author : Daniel J. Bernstein > * URL : https://randombytes.cr.yp.to/ > * License : Public domain > > Public domain is problematic as a license. > At least under US copyright law, there are very few circumstances when > something can actually be public domain. > One example is software written by US government employees. > But I don't think any of those circumstances apply to this library. > So I'm not sure the license is okay. We have plenty of code written under that same license from the same group of authors, already in Debian. Look in OpenSSH and OpenSSL for example. So I would disagree there is a license problem having this package in Debian. Jan, I'm happy to help review, sponsor and co-maintain randombytes if you are interested. I rely on it as a dependency in some projects I'm working on. /Simon
Attachment:
signature.asc
Description: PGP signature