Re: Bind 8.2 and greater license?
On Thu, Sep 09, 1999 at 12:58:36 -0700, David R. Conrad wrote:
> > Changing the build process to allow BIND to be built both without the
> > RSA code for distribution in our "main" tree and with everything
> > included to be distributed in our "non-free" tree would be a good
> > compromise.
>
> Would a "--no-rsa" option during configuration be workable?
We don't allow non-free source to be part of Debian proper ("main"). If a
"--no-rsa" option is feasible for you, it indicates that it is most likely
feasible for us to produce a tarball with the non-free code removed so we
can have bind in "main". Of course, we would prefer it if in the end you
were to do this yourself (by having a free bind source, and the non-free RSA
code in a separate add-on), but AFAICT "--no-rsa" would be a workable
solution.
> As an aside, you are aware that by not using RSA, you'll be increasing
> the amount of CPU resources required to verify DNSSEC signatures by (I'm
> told) an order of magnitude?
I'm not very familiar with DNS, but looking at
http://www.faqs.org/rfcs/rfc2535.html the alternative algorithms specified
(DH, DSA) are well-known public key / digital signature ones; I doubt they
need so much more resources than RSA.
> > It would be particularly good if we can solve this before the code
> > freeze for Debian 2.2. Is it too late to hope for a change in BIND
> > 8.2.2?
>
> When is your code freeze date on 2.2?
That's difficult to tell, but certainly not earlier than November.
HTH,
Ray
--
Tevens ben ik van mening dat Nederland overdekt dient te worden.
Reply to: