[Opendnssec-user] [softHSM] Problematic PKCS #11 header files

Ondřej Surý ondrej at sury.org
Thu Jan 21 17:18:09 CET 2010


On Thu, Jan 21, 2010 at 16:21, Rick van Rein <rick at openfortress.nl> wrote:
> Ondrej,
> Thanks for your caution.
>> there seems to be a little licensing problem with PKCS#11 headers from
>> RSA. They contain an advertising clause, which is considered non-free.
> The intention that RSA has with the PKCS #11 spec is clearly to have it
> freely available to anyone; even if the letter might disagree with the
> most fundamental of open-source approaches, then still the practice
> stands out as fair and reasonable.
> There is really no need to boycot RSA on this matter.

Intention is good, but the execution is horrible. Sort-of-BSD license
with advertising clause is always problematic.

>> OpenSC is using replacement from SCUTE project (www.scute.org), I'll
>> try it as replacement and report back.
> If pressed by RSA we can always make this sort of escape, of course.

> This is probably not worth your time to worry about any such details.

Well, it's worth time time, if you ever want to have softHSM (and
OpenDNSSEC) in Debian, which could happen fairly soon, if SCUTE
pkcs11.h works well.

Ondřej Surý <ondrej at sury.org>

More information about the Opendnssec-user mailing list