[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: FWD: [David_Conrad@isc.org: Re: Bind 8.2 and greater license?]

> I assume (given ISC has not changed its license at all) that their
> concern is due to the license we had to sign with RSA so we could
> include RSA code for the implementation of DNSSEC.  However, this is
> only my assumption given they have not contacted us about this.  If they
> had, we might have been able to work out an alternative such as creating
> a branch without RSA.  This would have allowed people to experiment with
> DNSSEC using the DSS/DSA algorithms albeit this would be suboptimal
> given the slowness of DSA signature verification.

Hi David.  This got passed to me through a posting on the debian-devel mailing
list by Joey Hess.

I am the maintainer of the BIND packages for Debian.  We *did* raise the 
issue of the RSA license.  I'm surprised that you apparently didn't hear
about it.

LaMont Jones and I traded various emails with Paul Vixie on the issue,
and got the general impression that, while it was considered lamentable 
that the dnssafe license didn't meet the Debian Free Software Guidelines 
(which as you may know were copied and tweaked to form the Open Source 
Definition), that there was no real interest in doing anything about it.

As a result of the license issue, and the lack of a clean way to build the
daemon and utilities without the RSA code, the BIND packages moved from "main"
to "non-free" in the Debian unstable hierarchy as of version 8.2.1.

If we mis-interpreted the email from Paul on the topic, and/or made some sort
of mistake by talking to him about it instead of someone else... and the ISC 
*is* interested in supporting the ability to build a version of BIND that does
not contain any of the code covered under the separate RSA source license, 
then that's great news.  

There has been a *substantial* response from Debian developers and users 
indicating that they are willing to trade off functionality to keep BIND free.
Changing the build process to allow BIND to be built both without the RSA code
for distribution in our "main" tree and with everything included to be 
distributed in our "non-free" tree would be a good compromise.  It would be 
particularly good if we can solve this before the code freeze for Debian 2.2.
Is it too late to hope for a change in BIND 8.2.2?

If you have any questions about BIND in Debian, please don't hesitate to 
contact me.


Reply to: