Eddy Nigg (StartCom Ltd.) wrote: > So is the assumption correct, that if I or anybody else extracts the CA > certificates from certdata.txt and uses the result of it, isn't bound to > any licensing constraints, similar as the content of a web page which > the browser displays isn't part of the software itself?
The copyright status of the data does not change as a result of you obtaining it from us as opposed to obtaining it directly from the CA. If you or your lawyer are concerned that the data may be "tainted" by being "passed through" Mozilla CVS, then you should re-visit each CA and download their root certificate from them directly. > At this stage I mostly care about the Mozilla licenses and need a clear > answer, if a third party can make use of an extract of the certdata.txt. > Personally I would believe this to be the case, but I want to have that > confirmed in some way in order to let other products make use of it > without being bound to the tri-license of Mozilla. What's the problem with being bound to the tri-licence anyway? "Choose the MPL", and then the licensing conditions don't affect any of the rest of your code. certdata.txt is a self-contained file. Gerv _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
