Possible legal problem with ccrypt? [Was: Re: Pending Packages List, 2004-02-13]
Christopher Faylor
cgf-no-personal-reply-please@cygwin.com
Sun Feb 22 23:38:00 GMT 2004
On Sun, Feb 22, 2004 at 05:53:47PM -0500, Nicholas Wourms wrote:
>cgf wrote:
>
>>On Sun, Feb 22, 2004 at 04:27:06PM -0500, Nicholas Wourms wrote:
>>
>>>cgf wrote:
>>>
>>>>On Sun, Feb 22, 2004 at 07:39:49PM +0100, Andreas Seidl wrote:
>>>>
>>>>>However, a new problem might have popped up. Reading this thread
>>>>>http://www.cygwin.com/ml/cygwin/2004-02/msg01103.html
>>>>>
>>>>>I wonder if there are legal problems for RedHat to distribute the
>>>>>ccrypt package?
>>>
>>>Next time, please keep it to yourself.
>>
>>
>>I'm sure you wouldn't enjoy it if Red Hat was taken to task for
>>something that could have been caught early, decided that cygwin wasn't
>>worth the hassle, and pulled it from sources.redhat.com.
>>
>
>No, I wouldn't, but I didn't intend on that being the only statement.
>Consider this: The gpg which we distribute contains the *exact* same
>cipher, AES{128,192,256}, as ccrypt plus gpg also has twofish &
>blowfish.
The last time I checked, those two were also considered
>"strong" encryption ciphers. Moreover, gpg can be used encrypt and
>decrypt streams like ccrypt so, in a sense, they share similar
>functionality. That's where I see the disconnect. Does this mean we
>should ditch gpg as well or distribute a version with < 128bit ciphers?
> Frankly, I don't see why we should disqualified ccrypt because someone
>"thinks" it might be a problem. Is it *really* a problem?
>
>By his standard, RedHat has been breaking the law for years now, which
>leads me to conclude that either:
>A)The authorities don't care.
>B)Red Hat doesn't care.
>or
>C)RedHat already has filed the necessary paperwork to allow it to
>distribute binaries with strong encryption.
Hmm. I guess I haven't been as diligent as I should have been. I've
pulled gnupg from the distribution.
>>But, hey, thanks for clarifying just whom I can trust to be watching out
>>for the project's interests.
>
>Hey, you certainly have a right to your opinion. The reality is that I
>was trying to paste some text and accidentally sent that message before
>it was complete.
Yeah, isn't that always a convenient excuse?
>This reply contains some of the arguments I was planning on including
>in that message to debunk his theory. Oh well, that's all water under
>the bridge, believe what you want to believe... I suppose I'll never
>get a gold star now ;-).
Thanks. I will certainly believe what i want to believe. I'd have a
hard time not doing that, in fact.
cgf
More information about the Cygwin-apps
mailing list