On Sun, May 06, 2001 at 02:34:41AM +0200, Carlos Prados wrote:
> Hi,
>
> I'm packaging POC from http://poc.crackinghacking.de/
>
> The program is distributed under GPL, but I have observed several
> irregularities, and so I wanted to ask wheter it's DFSG compliant or not:
>
> * It includes and statically links sha2.c from
> http://www.aarongifford.com/computers/sha.html, which is BSD licensed
> (without advertising clause). I think they are compatible but I'm not
> sure.
This is fine.
>
> * It copies sources blowfish.c, and rijndael.c from gnupg (also GPL) which
> have been lightly modified to remove some unneeded funtions and some
> datatypes. The problem is that the author has replaced the Copyright
> holder notice with it's own.
>
Including the files is fine. Changing the copyright notice is not.
At a minimum, the copyright of the original author must also be
mentioned.
> Also I'm not sure wheter the cyphering algorithms blowfish and
> rijndael (aes) force the program to go to non-US or it can be put into
> main.
It needs to go into nonus, barring a change in policy on crypto.
sam th --- sam@uchicago.edu --- http://www.abisource.com/~sam/
OpenPGP Key: CABD33FC --- http://samth.dyndns.org/key
DeCSS: http://samth.dynds.org/decss
Attachment:
pgpfyTQ4Q4PhE.pgp
Description: PGP signature