El lun, 21-06-2010 a las 15:13 +0200, Alejandro Vargas escribió: > 2010/6/16 jons...@terra.es <jons...@terra.es>: > > - Decide how to handle with private and non-published keys > > in source code. Alternatively try to get permission from > > DGP to publis our reverse-engineered keys
> What about loading the keys from an external file like > /etc/opensc/keys/dnie.key? > The keys could be included in a distro packet or downloaded and > extracted by a script that could be executed at install time or by the > user. Not sure about legal issues on this option. keys are not covered by GPL, and afaik are covered by our "Ley de secretos oficiales". I'm also unsure about legal status of include it in a binary distribution (inserted into binary at compile-time) or in a separate file ( BTW: I already _have_ the script working and waiting for legal status clarification :-) > > - Integrate or not in opensc project keeping it as separate > > dynloadable module > If the unpublished key is not included in the binary but in an > external file, it is not need for loading and external module. As Direccion General de la Policia has released the code as GPL, we never can integrate it (static compile) into OpenSC. (LGPL can be promoted to GPL. The reverse isn't true). So DNI'e must be built as dynloaded module regardless keys handling It's a license nightmare: my feeling is that DGP has chosen GPL to ensure that all derived code will be easily auditable But for opensc integrating into mainstream is a no-go, unless we can make it compatible with secure-channel opensc subproject Juan Antonio
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
