Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1012269 - bouncycastle: implements elliptic curve cryptography
Summary: bouncycastle: implements elliptic curve cryptography
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: bouncycastle
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
Assignee: Mat Booth
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 319901
Blocks: FE-Legal
TreeView+ depends on / blocked
 
Reported: 2013-09-26 07:19 UTC by Mikolaj Izdebski
Modified: 2014-06-25 14:23 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-25 14:23:04 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Mikolaj Izdebski 2013-09-26 07:19:54 UTC 
Description of problem:
bouncycastle implements elliptic curve cryptography (ECC), which is patented and therefore not allowed to be included in Fedora.

See bug #319901 for detailed discussion about ECC in OpenSSL package.

Version-Release number of selected component (if applicable):
1.46-10

Steps to Reproduce:
1. unpack package sources
2. grep -i -r elliptic
Comment 1 Mat Booth 2013-09-26 12:56:08 UTC 
For me, this really depends on two things:

a) The resolution of bug #319901 -- I'm not about to do any work on this that may be rendered unnecessary (I am a volunteer)

b) Whether bouncycastle actually implements the same allegedly patented algorithms as openssl (I don't think a cursory grep confirms this)
Comment 2 gil cattaneo 2013-09-26 15:00:12 UTC 
(In reply to Mat Booth from comment #1)
> For me, this really depends on two things:
> 
> a) The resolution of bug #319901 -- I'm not about to do any work on this
> that may be rendered unnecessary (I am a volunteer)
> 
> b) Whether bouncycastle actually implements the same allegedly patented
> algorithms as openssl (I don't think a cursory grep confirms this)

+1
regards
Comment 3 Mikolaj Izdebski 2013-09-27 06:32:29 UTC 
(In reply to Mat Booth from comment #1)
> For me, this really depends on two things:
> 
> a) The resolution of bug #319901 -- I'm not about to do any work on this
> that may be rendered unnecessary (I am a volunteer)
> 
> b) Whether bouncycastle actually implements the same allegedly patented
> algorithms as openssl (I don't think a cursory grep confirms this)

No argument here.  I just thought that it would be nice to track it and that as a new maintainer of bouncycastle you might be not aware of this issue.
Comment 4 Mat Booth 2013-09-27 06:53:43 UTC 
Fair enough, thanks for raising the ticket.
Comment 5 Scott Schmit 2013-10-15 10:36:20 UTC 
This may now be a non-issue. See bug #319901. CC'ing Tom.
Comment 6 Tom "spot" Callaway 2014-06-25 14:23:04 UTC 
After review, I'm pretty sure this is a non-issue. Closing.
Note You need to log in before you can comment on or make changes to this bug.