Re: New License Request: RSA-MD
On Wed, Jan 28, 2015 at 9:10 AM, Sam Ellis <Sam.Ellis@...> wrote:
I'd like to request the addition of RSA's Message-Digest license to the SPDX License List.Sam:
I agree with you, both licenses are common enough in the wild.
Both the MD4 and MD5 notices are found in RFCs, which is a good
reference URL IMHO as they were crafted and submitted there by Ron
Rivest from RSA.
MD4: page 6/7: https://www.ietf.org/rfc/rfc1320.txt
MD5: page 7: https://www.ietf.org/rfc/rfc1321.txt
Another common occurence for these is in the cURL codebase:
Note: the same license can be found in the PKCS-11 / Cryptoki code at:
such as in: ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h
Since the MD4, MD5 and Cryptoki licenses variations are limited to the
algorithm names it could be great if someone from RSA/EMC legal could
chime in on the templating... that would make things much simpler for
Finally there is also the less common MD2: See page 6:
It has a similar but different text so is another one altogether and
may not yet warrant an SPDX inclusion.
It is restricted to email: "License to copy and use this software is
granted for non-commercial Internet Privacy-Enhanced Mail"
You can find it in original BSD distributions such as Freebsd:
https://svnweb.freebsd.org/base/stable/2.1/lib/libmd/ (NB: together
with the md4 and md5 code and licenses)
+1 650 799 0949 | pombredanne@...
DejaCode : What's in your code?! at http://www.dejacode.com
nexB Inc. at http://www.nexb.com