dstebila
commented
1 year ago Just checking to see if there's been any progress on this front.
Closed dstebila closed 1 year ago
dstebila
commented
1 year ago Just checking to see if there's been any progress on this front.
bwesterb
commented
1 year ago The team seems happy to accommodate Fedora, but we're still discussing which exact combination of licenses to use.
dstebila
commented
1 year ago Hi Bas, were you able to reach a conclusion on this?
MrPugh
commented
1 year ago I added a branch 'license' to tackle the issue; please check and comment.
MrPugh
commented
1 year ago I am not sure how to handle the NIST files:
ref/PQCgenKAT_sign.c ref/rng.c ref/rng.h
dstebila
commented
1 year ago It shouldn't be a problem to leave those as is, and make a comment in the README or LICENSE file that those files retain their original license. Downstream projects like OQS won't actually make use of those files in compiled libraries, so the resulting binaries will still be cleanly licensed.
In liboqs we've gotten some feedback (https://github.com/open-quantum-safe/liboqs/issues/1437) that the CC0 license is a barrier to adoption by some distributions. Would SPHINCS+ be willing to consider dual licensing to add another license? See also https://github.com/open-quantum-safe/liboqs/issues/1388#issuecomment-1430046692 for comments from the Fedora team.