[Integrit-users] integrit version two plans
Brought to you by:
ecashin
Menu
▾
▴
[Integrit-users] integrit version two plans
|
From: Ed L C. <ec...@te...> - 2001-06-08 22:19:33
|
This message is an update on upcoming changes to integrit. CDB: Andras Bali, the maintainer of the integrit debian package, has been talking to the Debian folks about some licensing issues. It seems that the vague license that Dan J. Bernstein put on his CDB package (the package integrit uses to read and write databases) is problematic for those who would distribute integrit packages. The problem is that the package is kind of a "derived work", and integrit's GPL specifies that works derived even partially from integrit must be distributed under the GPL. The debian folks noticed that integrit wasn't compiling on the GNU hurd platform because of a bug in CDB, and so far there's been no response from Dan Bernstein about the bug. That means that Andras Bali would like to patch cdb as part of the build process, but that leads to even more licensing hairiness. The good news is that key parts of cdb are "public domain", so I can use those parts in integrit, writing whatever extra code is necessary to fill in the gaps. This will make integrit free from licensing issues from the packagers' point of view. OPENSSL: The GNU Privacy Guard, gnupg, has free (GPL'ed) implementations of MD5 and SHA-1, so integrit version two should no longer depend on openssl for its crypto code. Not requiring a properly-installed static openssl crypto library is a big win, since this was a major stumbling block for many users (including me, on occasion!) FEATURES: If I have time, I may add a couple features: the "no-cacading" option and maybe command-line database specification. But who knows. I'm trying to be really minimal in the features camp, but the no-cascade option is going to be a big help. -- --Ed Cashin PGP public key: ec...@te... http://www.terry.uga.edu/~ecashin/pgp/ |
