OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [pkcs11] Groups - PKCS #11 V2.30 header files uploaded

On 31/05/2013 9:15 AM, Wan-Teh Chang wrote:
The PKCS #11 header files in NSS are based on an old version that Netscape got additional rights to, rather than the current version, because of this concern.

It would be useful to see whatever details exist of the "additional rights" as this is the first time that I've seen it mentioned and given that nothing is acknowledged in the files you will need to elaborate on that.

RSA added the text to the v2.11 header files back some time before November 2001 as it is present in revision 1.4 of those files according to the records that I have (that revision information being from the CVS repository that was used for maintaining the versions of the header files internal to RSA).

Those notes and comments were not in the header files for version 2.10 (January 2000) and the standard itself notes:
<quote>
License to copy this document is granted provided that it is identified as "RSA Security Inc. Public-Key Cryptography Standards (PKCS)" in all material mentioning or referencing this document.
</quote>


I note that the file in the NSS tree for 3.2.1 in nss-3.2.1/mozilla/security/nss/lib/softoken/pkcs11t.h has:

<quote>
/*
 * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
 * is granted provided that it is identified as "RSA Security In.c Public-Key
 * Cryptography Standards (PKCS)" in all material mentioning or referencing
 * this document.
 */
</quote>

And in the current NSS 3.15 tree in nss-3.15/nss/lib/util/pkcs11t.h has:

<quote>
/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */
</quote>


So from that quick check your information at the very least is out of date as NSS contains the v2.20 header file copyright text unchanged.

Summary: the so called problematic text was introduced in v2.11 and this text is contained unchanged in the current versions of NSS

Tim.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]