Review Request: jss - Java Security Services (bz#230262)
Margaret Lum
mlum at redhat.com
Thu May 10 03:28:39 UTC 2007
Warren Togami wrote:
> Rex Dieter wrote:
>> FYI, (originally posted to fab-list)
>>
>> reviewer(s) kindly requested.
>>
>> -- Rex
>>
>> --------------- Forwarded message (begin)
>>
>> Subject: Status of JSS in Fedora?
>> From: Margaret Lum <mlum at redhat.com>
>> Date: Wed, 09 May 2007 19:51:02 -0500
>>
>> Hi folks,
>>
>> I've noticed this package has been collecting dust for awhile. My team
>> needs this in our first open source release of our product (Certificate
>> System), and I'm working on a parallel port (from internal source) to
>> the build system here @RH. If this is not the most productive forum for
>> such approval, please point me in the right direction. This package was
>> already submitted, but it's almost 2 months past the initial file date.
>>
>> The issue that needs both resolution and an immediate updated status is:
>>
>>
>> Bugzilla Bug 230262
>> <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230262>: Review
>> Request: jss - Java Security Services (JSS)
>>
>> Thank you for your time and understanding.
>>
>
> As discussed in the past on fedora-extras-list and other mediums, it
> may be impossible to ship this in Fedora or RHEL signed because that
> is in conflict with our licenses and guarantees of reproducibility.
>
IIRC, there was a consensus (which perhaps others on this list can
correlate) that we can forego signing this package in Fedora. However,
the proprietary version will still be signed.
> https://www.redhat.com/archives/fedora-extras-list/2007-February/msg00311.html
>
> This idea was the closest even vaguely plausible way to get it into
> Fedora... however it seems to be both technically impossible and not
> good enough to bring it into compliance with our rules. Unless
> somebody else has a new idea, I don't know how we can proceed on this.
>
> Red Hat (the company) could (pending legal approval) choose to proceed
> with this as part of an internal product. But as the rules stand
> today, Fedora cannot ship this signed.
We will ship this UNsigned, in Fedora. Can approval be re-evaluated?
>
> Warren Togami
> wtogami at redhat.com
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3229 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20070509/82f7d4fc/attachment.bin>
More information about the fedora-devel-list
mailing list