Re: redistribution of the ARIN TAL

To: md@Linux.IT
Cc: debian-legal@lists.debian.org
Subject: Re: redistribution of the ARIN TAL
From: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 19 Mar 2019 21:00:40 +0100
Message-id: <[🔎] 87pnqmk51z.fsf@mid.deneb.enyo.de>
In-reply-to: <20190215110029.GA4166@bongo.bofh.it> (Marco d'Itri's message of "Fri, 15 Feb 2019 12:00:29 +0100")
References: <20190215110029.GA4166@bongo.bofh.it>

* Marco d'Itri:

> ARIN believes that they have a right to limit distribution of this RSA 
> public key (used for verification of routing security):
>
> https://www.arin.net/resources/rpki/arin-rfc7730.tal

Do they actually do that?  Prevent redistribution?

If so, I can't find where.

> Does everybody agree that this is bullshit and that we can distribute 
> this data in Debian packages as much as we like?

I think this is modeled after past relaying party agreements pretty
much all the browser CAs used.

Here's a current example:

<https://www.digicert.com/legal-repository/DigiCertRelyingPartyAgreement.pdf>

I think these terms are rather benign because as far as I can see,
they do not try to control redistribution of key material (something
that has been attempted in the past).

Reply to:

Prev by Date: Re: FRR package in Debian violates the GPL licence
Next by Date: no need to keep non-copylefted files that way in a copylefted project. (was Re: FRR package in Debian violates the GPL licence)
Previous by thread: Re: [Fedora-legal-list] Re: The license of OpenMotif (Open Group Public License)
Next by thread: Bug#924937: libpq5: OpenSSL license contamination of GPL reverse-dependencies
Index(es):
- Date
- Thread