Return-Path: 
 <dev-return-29243-apmail-harmony-dev-archive=harmony.apache.org@harmony.apache.org>
Delivered-To: apmail-harmony-dev-archive@www.apache.org
Received: (qmail 88566 invoked from network); 18 Sep 2007 11:54:27 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 18 Sep 2007 11:54:27 -0000
Received: (qmail 27807 invoked by uid 500); 18 Sep 2007 11:54:18 -0000
Delivered-To: apmail-harmony-dev-archive@harmony.apache.org
Received: (qmail 27784 invoked by uid 500); 18 Sep 2007 11:54:18 -0000
Mailing-List: contact dev-help@harmony.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@harmony.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@harmony.apache.org>
List-Post: <mailto:dev@harmony.apache.org>
List-Id: <dev.harmony.apache.org>
Reply-To: dev@harmony.apache.org
Delivered-To: mailing list dev@harmony.apache.org
Received: (qmail 27775 invoked by uid 99); 18 Sep 2007 11:54:17 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Sep 2007 04:54:17 -0700
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of t.p.ellison@gmail.com
 designates 66.249.92.169 as permitted sender)
Received: from [66.249.92.169] (HELO ug-out-1314.google.com) (66.249.92.169)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Sep 2007 11:56:07 +0000
Received: by ug-out-1314.google.com with SMTP id k40so76091ugc
        for <dev@harmony.apache.org>; Tue, 18 Sep 2007 04:53:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding;
        bh=hlHK3ZqLAgxisc8ZyLeFOsuUtXKSEiLHx9zladAbJi0=;
        b=Guo7rWZYKLbHjC6zOIPxucrMjgBrCM2q9yh6ke3El/9RbAoCCirh7jqcNNyumM0wIe+6sOVQHcWm9imwhaiZREOaek2fdgphKoVStv+dtrxvo45gzJ5uXGijXJkRYGZjAmEHpnfCeKddqlNnHzH+Ac8rgrjXIstleq59oR/Nd4g=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding;
        b=tudLnljF/hgqEgyFrvlmDl4bvvzTVmRIgUP20565mLUM3ZuICLyzVyN3iNMVrsotqWWgw5qhVvLyfATOBokThgbT/NRMS1NJRqSCjzWFz+CDg2LWmxxRIPsMwtehC/QF0dJpp9oRfT4vjkaG6m0mKRzYFNU49/R5VpwFRiN+e+A=
Received: by 10.67.19.17 with SMTP id w17mr672373ugi.1190116432419;
        Tue, 18 Sep 2007 04:53:52 -0700 (PDT)
Received: from ?9.20.183.161? ( [195.212.29.92])
        by mx.google.com with ESMTPS id f8sm4701344nfh.2007.09.18.04.53.50
        (version=SSLv3 cipher=RC4-MD5);
        Tue, 18 Sep 2007 04:53:50 -0700 (PDT)
Message-ID: <46EFBC4A.2000008@gmail.com>
Date: Tue, 18 Sep 2007 12:53:46 +0100
From: Tim Ellison <t.p.ellison@gmail.com>
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: dev@harmony.apache.org
Subject: Re: [classlib] Redistributing bouncy castle providers
References: <46EFA342.7050801@gmail.com>
	 <906dd82e0709180410w7afd842fpf1e5adc5e8ce7c3e@mail.gmail.com>
	 <46EFB5E3.60102@gmail.com>
 <906dd82e0709180437s3ea5ef45l37950588558560d0@mail.gmail.com>
In-Reply-To: <906dd82e0709180437s3ea5ef45l37950588558560d0@mail.gmail.com>
X-Enigmail-Version: 0.95.3
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked by ClamAV on apache.org

Mikhail Loenko wrote:
> I think it's OK to keep it. It's written according to
> http://www.ietf.org/rfc/rfc2246.txt

Depends what you mean by "it".  I agree that its ok for us to keep the
references to the algorithm, but we should not be redistributing the
implementation of the algorithm.

Regards,
Tim


> 2007/9/18, Tim Ellison <t.p.ellison@gmail.com>:
>> Mikhail Loenko wrote:
>>> 2007/9/18, Tim Ellison <t.p.ellison@gmail.com>:
>>>> There is a discussion over at the incubator general mailing list (e.g.
>>>> [1]), amongst other places, about the redistribution of BouncyCastle
>>>> code from ASF machines.
>>>>
>>>> The crux is that we can't redistribute BC's IDEA implementation as it is
>>>> subject to a known patent for which we don't have a grant/license.
>>>>
>>>> We'll have to change our current practice of publishing binaries that
>>>> include BC unmodified.  The resolution seems to be maintaining a local
>>>> copy of the BC JAR without the offending algorithm.  I expect we would
>>>> have to unsign the JAR too when modified.
>>>>
>>>> Do we have any dependencies upon IDEA?  I see some references in the
>>>> JSSE cipher suite code,
>>> Reference to IDEA?
>> just grepping:
>>
>> modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
>> 107:    static byte[] code_TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00, 0x07 };
>> 157:    static CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = new CipherSuite(
>> 158:            "TLS_RSA_WITH_IDEA_CBC_SHA", false, KeyExchange_RSA,
>> "IDEA_CBC",
>> 159:            "SHA", code_TLS_RSA_WITH_IDEA_CBC_SHA);
>> 256:            TLS_RSA_WITH_IDEA_CBC_SHA,
>> 417:        } else if ("IDEA_CBC".equals(cipherName)) {
>> 418:            this.cipherName = "IDEA/CBC/NoPadding";
>>
>>
>> Regards,
>> Tim
>>
>