Date: Wed, 14 Apr 1999 17:41:34 -0400 From: "Allen Smith" <easmith@beatrice.rutgers.edu> To: 0x1c <nick@shibumi.feralmonkey.org> Cc: Brett Glass <brett@lariat.org>, "Gregory P. Smith" <greg@nas.nasa.gov>, Igor Roshchin <igor@physics.uiuc.edu>, security@FreeBSD.ORG Subject: Re: ssh protocol [was: Interesting problem: chowning files sent via FTP] Message-ID: <9904141741.ZM4180@beatrice.rutgers.edu> In-Reply-To: 0x1c <nick@shibumi.feralmonkey.org> "Re: ssh protocol [was: Interesting problem: chowning files sent via FTP]" (Apr 12, 8:15pm) References: <Pine.BSF.4.05.9904131208110.26852-100000@shibumi.feralmonkey.org>
index | next in thread | previous in thread | raw e-mail
On Apr 12, 8:15pm, 0x1c (possibly) wrote: > On Mon, 12 Apr 1999, Allen Smith wrote: > > > On Apr 12, 4:30pm, Brett Glass (possibly) wrote: > > > A GPLed implementation would be a bad idea, because it would prevent > > > the code from being incorporated into commercial products and thus > > > discourage standardization. This is one situation in which BSD-type > > > licensing would be infinitely preferable. > > > > Actually, what would be preferable is some form of GNU _library_ > > license. I'm not willing to trust an encryption program unless I > > know independent cryptographers have reviewed the code. For that matter, I'm not willing to trust _anything_ on security unless the code is available... this is one reason we're using FreeBSD for a firewall. > How does the licence (gpl, lgpl, or bsd) have anything to do with > independent cryptographers reviewing the code? The only crucial > requirement is that the relevant source be available for analysis. A gpl or lgpl license mandates the widest possible availability for review of the code. -Allen -- Allen Smith easmith@beatrice.rutgers.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9904141741.ZM4180>