Re: Questions about libntru license/ntru patent status
William Whyte writes ("Re: Questions about libntru license/ntru patent status"):
> Sorry for having let this drift for so long. Way back at the start
> of the discussion, as we got into the discussion of the FOSS
> Exception, there seems to have been an assumption that Tor would
> depend on that FOSS Exception to use NTRU. In fact, our plan was to
> make a Tor-specific carveout along the lines of:
Thanks for your reply.
> "The NTRU source code and patents can be freely used and distributed
> when used as part of the quantum-safe-ntor protocol as specified in [doc
> ref] and its successor documents designated as such by the Tor Project."
I'm sorry to say that I don't think Debian would want to rely on such
The reason is that it depends on the code actually implementing the
specified protocol. But, we want our downstreams and users to be able
to modify the software - including, to make it speak a different
Debian is looking for a licence that would work for Debian and all our
derivative distributions, downstreams, and users, which would allow
all of us to use and modify the software.
On the other hand Debian does not need a licence that works if some
other library, besides the NTRU library, is used to implement the
So I think the approach of a licence attached to the source code is
much more likely to be helpful. If I remember the previous
discussion, that licence was very close to suitable, with some
problems in the wording of the `FOSS exception' (ie, the exception to
permit use with non-GPL licences).
As you quote in your email I suggested a wording based on a GPL
Additional Permission. I think that is what your `FOSS exception' was
trying to do. There are many ways of doing something like that. I
hope you will adopt something suitable - since I think our goals are
fairly well aligned.