You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Stefano Bagnara <ap...@bago.org> on 2006/12/22 17:56:30 UTC
Domain Keys (Was: jSPF and James?)
Tom Brown wrote:
> Hi Guys!
>
> I just thought I'd mention that I've got an implementation of the
> Domain Keys sender verification standard about 95% completed (it
> correctly validates most messages, but some systems don't correctly
> interpret the signature).
>
> I wanted to include it with JAMES itself, but there was a question
> regarding licensing issues. Has there been any notice from the legal
> team regarding the domain keys licensing, or should I just begin to
> distribute it myself?
Hi Tom,
When you're done please file a JIRA issue and attach your code there. In
the mean time we'll try again to get an answer from ASF legal team, or
to write to yahoo asking their opinion.
Thank you,
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Guillermo Grandes <gu...@gmail.com>.
FYI
http://www.dkim.org/ietf-dkim.htm
http://www.dkim.org/info/dkim-faq.html
----- Original Message -----
From: "Stefano Bagnara" <ap...@bago.org>
To: "James Developers List" <se...@james.apache.org>
Sent: Friday, December 29, 2006 1:11 AM
Subject: Re: Domain Keys (Was: jSPF and James?)
> robert burrell donkin wrote:
>> IANAL but i'll try to help...
>>
>> AIUI intellectual property is a loose term grouping several distinct
>> areas of law:
>>
>> * trademarks
>> * trade secrets
>> * patents
>> * copyright
>>
>> unless you hold patents, are party to trade secrets or plan to
>> infringe trademarks then copyright's the main issue right now.
>
> I think that for DK we have to deal with their patent and the license
> for Implementing the Specification.
>
> http://antispam.yahoo.com/domainkeys/patentlicense1-2.html
>
> We need ASF legal office to review that license to see if we can
> distribute a DK implementation under ASF umbrella with an ASL2 project
> using that patentlicense.
>
> THe only other license usable is GPLv2 that unfortunately is not
> compatible with ASL2.
>
> AFAIK Noel forwarded a similar request to some ASF license expert member
> a lot of weeks ago, but I think we had no answers.
>
> Tom: I think you should file a JIRA issue and grant rights for inclusion
> to ASF (there is a flag when you add attachment). Make sure to add a
> comment including a link to the license above so maybe once we have the
> code we can try to hurry an answer.
>
> Thank you,
> Stefano
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Tom Brown <to...@gmail.com>.
Thanks for the feedback!
1) If there are alternatives to using the sun.* classes, I'd be happy
to use them! However, I'm not that experienced with java cryptography
features, and for some reason, it would only work when the key stuff
was directly instantiated.
2) I was unaware that the StringBuilder was only available in java 5.
(I guess I should have done my homework). However, I don't know of any
other parts of the code that are java 5 only, but I guess I'd have to
try and compile it with an older JDK to find out...
3) I believe this is a full implementation. The Yahoo! site links to a
revision 3 of the specification (broken link), but I was using
revision 6 that I found somewhere.
4) I am very interested in upgrading the DK suite to DKIM. They are
similar in a lot of ways, though not exact. The DKIM spec is about
twice as long as the DK spec, and has more options-- but it's the same
principles.
Q. does Yahoo! have a compliance test suite?
A. I couldn't ever find one. However, I did find some public mail
servers advertising to test the DK implementation. I had a lot of
success when using:
http://www.skylist.com/resources/authentication.php
Tom
On 12/31/06, Stefano Bagnara <ap...@bago.org> wrote:
> Tom Brown wrote:
> > I have submitted the code via JIRA. I believe it's issue #12359570.
> >
> > Tom
>
> First of all, thank you! It's always cool to receive code contributions!
>
> I gave the code a really fast review and I have some comment/question:
>
> 1) I noticed a class using 2 sun.* classes.
>
> import sun.misc.BASE64Decoder;
> import sun.security.rsa.RSAPublicKeyImpl;
>
> That code is tied to the SUN libraries.
>
> What about using a KeyFactory to generate the RSA public key?
> http://java.sun.com/j2se/1.4.2/docs/api/java/security/KeyFactory.html
>
>
> 2) I see you use StringBuilder so the code is tied to Java5. If we want
> to make it releasable with current James we have to backport it to Java2
> 1.4 (replace it with StringBuffer). Is there anything else depending on
> java5 ?
>
>
> 3) I don't know the DK specification: is it fully supported by this
> code? or is it a partial implementation?
>
>
> 4) I don't know what are the differences between DK and DKIM: do you
> plan to work also on DKIM or in any way support DKIM, too?
>
>
> Stefano
>
> PS: Robert, is this work somehow related to the reorganization of crypto
> code (SMIME/PGP) discussed here
> http://issues.apache.org/jira/browse/JAMES-596 ?
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/30/06, Tom Brown <to...@gmail.com> wrote:
> Some of this conversation is difficult to follow as I don't know who's
> who. However, it seems that the current consensus is to attach the
> current source it as a JIRA issue and go from there...
+1
> Is a CLA required for to submit the issue, or does that only become necessary
> when it's time to commit the patch?
only necessary when it's time to commit (but it may take a week or two
to process a CLA)
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 1/1/07, Noel J. Bergman <no...@devtech.com> wrote:
> robert burrell donkin wrote:
>
> > it's a tricky question that involves patent policy
>
> Robert, you might want to check the legal-internal archives. I'd been
> pursuing this with both our legal folks and the IETF
thanks
very busy, i see :-)
posting again on legal-discuss was useful: it's tricky to follow
threads with less. public lists means all developers can read and
post. i'll follow up and ask members to read the internal list.
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
RE: Domain Keys (Was: jSPF and James?)
Posted by "Noel J. Bergman" <no...@devtech.com>.
robert burrell donkin wrote:
> it's a tricky question that involves patent policy
Robert, you might want to check the legal-internal archives. I'd been
pursuing this with both our legal folks and the IETF until Stefano's
behavior so thoroughly put me off from investing more of my time on the
matter. I'm still debating what to do about that issue.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/30/06, Stefano Bagnara <ap...@bago.org> wrote:
> robert burrell donkin wrote:
<snip>
> >> Btw if you want to take care of this issue (both technical and legal) we
> >> would really appreciate this.
> >
> > i can't promise to take care of it but i'll try to help out...
>
> thank you
it's a tricky question that involves patent policy:
http://mail-archives.apache.org/mod_mbox/www-legal-discuss/200612.mbox/%3c1167509693.5520.39.camel@knossos.elmet%3e
may well take a while to figure out and we may well want to try to
lobby Yahoo! for license changes. seems unlikely to be concluded
anytime soon.
might be worth considering hosting development offshore under a dual
license (ASF+Yahoo!) but continuing to use this list for discussions.
if apache policy decides that the Yahoo! patent license is acceptable
then a software grant can be used.
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/31/06, Stefano Bagnara <ap...@bago.org> wrote:
> Tom Brown wrote:
> > I have submitted the code via JIRA. I believe it's issue #12359570.
> >
> > Tom
<snip>
> 3) I don't know the DK specification: is it fully supported by this
> code? or is it a partial implementation?
does Yahoo! have a compliance test suite?
<snip>
> PS: Robert, is this work somehow related to the reorganization of crypto
> code (SMIME/PGP) discussed here
> http://issues.apache.org/jira/browse/JAMES-596 ?
related, yes but indirectly
SMIME and OpenPGP/SMIME are very similar structurally - the major
difference is in the keying.
OpenPGP/clearsign is easier and does not involve MIME so differs structurally.
the specification links from the Yahoo! page seem to be broken so i
can only go from the code. at first glance, it appears structurally
different from each of the other areas.
but it might be powerful to have some signing/verification abstraction
so that further processing could happen regardless of what technology
was used. i'm very keen on domain specific languages, meta data and
rules engines for email (so that'd probably be good enough for me) but
perhaps james would benefit from pluggable signers and verifiers....
BTW i have most of the most difficult work done on OpenPGP/SMIME but
i'm not sure when i'll find time to get back and finish it.
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/30/06, Tom Brown <to...@gmail.com> wrote:
> I have submitted the code via JIRA. I believe it's issue #12359570.
good (the url is https://issues.apache.org/jira/browse/JAMES-752)
if domain keys are being presented to the IEFT for standardization,
it'd be a good idea for some people to show up on the list (once it's
created) to help out (AIUI experience from distinct implementations is
important). tom...?
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Tom Brown <to...@gmail.com>.
Thanks!
Tom
On 6/5/07, Norman Maurer <no...@apache.org> wrote:
> Thx Graig :-)
>
> bye
> Norman
>
> Am Dienstag, den 05.06.2007, 15:29 +0200 schrieb Craig Raw:
> > Hi Stefano,
> >
> > No problem, it's now in http://issues.apache.org/jira/browse/JAMES-752
> >
> > Craig
> >
> > Stefano Bagnara wrote:
> > > Craig Raw ha scritto:
> > >> Hi Tom,
> > >>
> > >> I've been trying out your DK signing mailet - thanks for your hard work.
> > >> Some feedback:
> > >>
> > >> I've downgraded the code (or at least the areas I'm using) to Java 1.4.
> > >> I've also changed the temporary file handling a little - the mailet (or
> > >> more specifically GenericSigner and GenericVerifier) do not seem to
> > >> close or delete the temporary file, which in a long running process may
> > >> prove to be problematic. I added a finally block to do this in each of
> > >> the classes above.
> > >>
> > >> Otherwise, the mailet seems to be working well so far.
> > >
> > > Hi Craig,
> > >
> > > would you mind attaching your resulting work to the same JIRA issue so
> > > that other users can start from there ?
> > >
> > > Thank you,
> > > Stefano
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> > > For additional commands, e-mail: server-dev-help@james.apache.org
> > >
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> > For additional commands, e-mail: server-dev-help@james.apache.org
> >
> >
> > !DSPAM:1,46656773102398529190010!
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Stefano Bagnara <ap...@bago.org>.
Craig Raw ha scritto:
> Hi Tom,
>
> I've been trying out your DK signing mailet - thanks for your hard work.
> Some feedback:
>
> I've downgraded the code (or at least the areas I'm using) to Java 1.4.
> I've also changed the temporary file handling a little - the mailet (or
> more specifically GenericSigner and GenericVerifier) do not seem to
> close or delete the temporary file, which in a long running process may
> prove to be problematic. I added a finally block to do this in each of
> the classes above.
>
> Otherwise, the mailet seems to be working well so far.
Hi Craig,
would you mind attaching your resulting work to the same JIRA issue so
that other users can start from there ?
Thank you,
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Norman Maurer <no...@apache.org>.
Thx Graig :-)
bye
Norman
Am Dienstag, den 05.06.2007, 15:29 +0200 schrieb Craig Raw:
> Hi Stefano,
>
> No problem, it's now in http://issues.apache.org/jira/browse/JAMES-752
>
> Craig
>
> Stefano Bagnara wrote:
> > Craig Raw ha scritto:
> >> Hi Tom,
> >>
> >> I've been trying out your DK signing mailet - thanks for your hard work.
> >> Some feedback:
> >>
> >> I've downgraded the code (or at least the areas I'm using) to Java 1.4.
> >> I've also changed the temporary file handling a little - the mailet (or
> >> more specifically GenericSigner and GenericVerifier) do not seem to
> >> close or delete the temporary file, which in a long running process may
> >> prove to be problematic. I added a finally block to do this in each of
> >> the classes above.
> >>
> >> Otherwise, the mailet seems to be working well so far.
> >
> > Hi Craig,
> >
> > would you mind attaching your resulting work to the same JIRA issue so
> > that other users can start from there ?
> >
> > Thank you,
> > Stefano
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> > For additional commands, e-mail: server-dev-help@james.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
>
> !DSPAM:1,46656773102398529190010!
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Craig Raw <cr...@quirk.biz>.
Hi Stefano,
No problem, it's now in http://issues.apache.org/jira/browse/JAMES-752
Craig
Stefano Bagnara wrote:
> Craig Raw ha scritto:
>> Hi Tom,
>>
>> I've been trying out your DK signing mailet - thanks for your hard work.
>> Some feedback:
>>
>> I've downgraded the code (or at least the areas I'm using) to Java 1.4.
>> I've also changed the temporary file handling a little - the mailet (or
>> more specifically GenericSigner and GenericVerifier) do not seem to
>> close or delete the temporary file, which in a long running process may
>> prove to be problematic. I added a finally block to do this in each of
>> the classes above.
>>
>> Otherwise, the mailet seems to be working well so far.
>
> Hi Craig,
>
> would you mind attaching your resulting work to the same JIRA issue so
> that other users can start from there ?
>
> Thank you,
> Stefano
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Craig Raw <cr...@quirk.biz>.
Hi Tom,
I've been trying out your DK signing mailet - thanks for your hard work. Some feedback:
I've downgraded the code (or at least the areas I'm using) to Java 1.4. I've also changed the
temporary file handling a little - the mailet (or more specifically GenericSigner and
GenericVerifier) do not seem to close or delete the temporary file, which in a long running process
may prove to be problematic. I added a finally block to do this in each of the classes above.
Otherwise, the mailet seems to be working well so far.
Ciao,
Craig
Tom Brown wrote:
> Thanks for the feedback!
>
> 1) If there are alternatives to using the sun.* classes, I'd be happy
> to use them! However, I'm not that experienced with java cryptography
> features, and for some reason, it would only work when the key stuff
> was directly instantiated.
>
> 2) I was unaware that the StringBuilder was only available in java 5.
> (I guess I should have done my homework). However, I don't know of any
> other parts of the code that are java 5 only, but I guess I'd have to
> try and compile it with an older JDK to find out...
>
> 3) I believe this is a full implementation. The Yahoo! site links to a
> revision 3 of the specification (broken link), but I was using
> revision 6 that I found somewhere.
>
> 4) I am very interested in upgrading the DK suite to DKIM. They are
> similar in a lot of ways, though not exact. The DKIM spec is about
> twice as long as the DK spec, and has more options-- but it's the same
> principles.
>
>
> Q. does Yahoo! have a compliance test suite?
>
> A. I couldn't ever find one. However, I did find some public mail
> servers advertising to test the DK implementation. I had a lot of
> success when using:
>
> http://www.skylist.com/resources/authentication.php
>
>
> Tom
>
> On 12/31/06, Stefano Bagnara <ap...@bago.org> wrote:
>> Tom Brown wrote:
>> > I have submitted the code via JIRA. I believe it's issue #12359570.
>> >
>> > Tom
>>
>> First of all, thank you! It's always cool to receive code contributions!
>>
>> I gave the code a really fast review and I have some comment/question:
>>
>> 1) I noticed a class using 2 sun.* classes.
>>
>> import sun.misc.BASE64Decoder;
>> import sun.security.rsa.RSAPublicKeyImpl;
>>
>> That code is tied to the SUN libraries.
>>
>> What about using a KeyFactory to generate the RSA public key?
>> http://java.sun.com/j2se/1.4.2/docs/api/java/security/KeyFactory.html
>>
>>
>> 2) I see you use StringBuilder so the code is tied to Java5. If we want
>> to make it releasable with current James we have to backport it to Java2
>> 1.4 (replace it with StringBuffer). Is there anything else depending on
>> java5 ?
>>
>>
>> 3) I don't know the DK specification: is it fully supported by this
>> code? or is it a partial implementation?
>>
>>
>> 4) I don't know what are the differences between DK and DKIM: do you
>> plan to work also on DKIM or in any way support DKIM, too?
>>
>>
>> Stefano
>>
>> PS: Robert, is this work somehow related to the reorganization of crypto
>> code (SMIME/PGP) discussed here
>> http://issues.apache.org/jira/browse/JAMES-596 ?
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-dev-help@james.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Stefano Bagnara <ap...@bago.org>.
Tom Brown wrote:
> I have submitted the code via JIRA. I believe it's issue #12359570.
>
> Tom
First of all, thank you! It's always cool to receive code contributions!
I gave the code a really fast review and I have some comment/question:
1) I noticed a class using 2 sun.* classes.
import sun.misc.BASE64Decoder;
import sun.security.rsa.RSAPublicKeyImpl;
That code is tied to the SUN libraries.
What about using a KeyFactory to generate the RSA public key?
http://java.sun.com/j2se/1.4.2/docs/api/java/security/KeyFactory.html
2) I see you use StringBuilder so the code is tied to Java5. If we want
to make it releasable with current James we have to backport it to Java2
1.4 (replace it with StringBuffer). Is there anything else depending on
java5 ?
3) I don't know the DK specification: is it fully supported by this
code? or is it a partial implementation?
4) I don't know what are the differences between DK and DKIM: do you
plan to work also on DKIM or in any way support DKIM, too?
Stefano
PS: Robert, is this work somehow related to the reorganization of crypto
code (SMIME/PGP) discussed here
http://issues.apache.org/jira/browse/JAMES-596 ?
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Tom Brown <to...@gmail.com>.
I have submitted the code via JIRA. I believe it's issue #12359570.
Tom
On 12/30/06, Norman Maurer <nm...@byteaction.de> wrote:
> Just attach it to jira and grant asf rights. That should be enough to
> see what todo later.
>
> Thx for all your work .. Im looking forward to see your work
>
> bye
> Norman
>
> Tom Brown schrieb:
> > Some of this conversation is difficult to follow as I don't know who's
> > who. However, it seems that the current consensus is to attach the
> > current source it as a JIRA issue and go from there... Is a CLA
> > required for to submit the issue, or does that only become necessary
> > when it's time to commit the patch?
> >
> > Tom
> >
> > On 12/30/06, robert burrell donkin <ro...@gmail.com> wrote:
> >> On 12/30/06, Stefano Bagnara <ap...@bago.org> wrote:
> >> > robert burrell donkin wrote:
> >> > >> I don't like too much the use of svn:externals. Either way we'll
> >> have to
> >> > >> wait for the legal issues to be resolved in order to try to
> >> release.
> >> > >
> >> > > sorry for not explaining fully: i meant to suggest starting a
> >> project
> >> > > which imported the last james release and added the extra
> >> function not
> >> > > vice-versa. those who want james+domain-keys and are happy with the
> >> > > reciprocal licensing could obtain it from this new project.
> >> >
> >> > I would not reccomend branches. I prefer to alter james in order to
> >> > provide the needed extension points so that the code can be a
> >> plugin and
> >> > added to the official james with few efforts. I wouldn't like to see
> >> > James branches for each feature that is not patent or copyright
> >> > compliant (like jcluster, maildir and so on). I think this is my
> >> duty to
> >> > try to avoid this while I'm in the PMC.
> >>
> >> easier plugins would be very useful anyway
> >>
> >> - robert
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> >> For additional commands, e-mail: server-dev-help@james.apache.org
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> > For additional commands, e-mail: server-dev-help@james.apache.org
> >
> > !EXCUBATOR:1,45969e6d44676209118015!
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Tom Brown <to...@gmail.com>.
Some of this conversation is difficult to follow as I don't know who's
who. However, it seems that the current consensus is to attach the
current source it as a JIRA issue and go from there... Is a CLA
required for to submit the issue, or does that only become necessary
when it's time to commit the patch?
Tom
On 12/30/06, robert burrell donkin <ro...@gmail.com> wrote:
> On 12/30/06, Stefano Bagnara <ap...@bago.org> wrote:
> > robert burrell donkin wrote:
> > >> I don't like too much the use of svn:externals. Either way we'll have to
> > >> wait for the legal issues to be resolved in order to try to release.
> > >
> > > sorry for not explaining fully: i meant to suggest starting a project
> > > which imported the last james release and added the extra function not
> > > vice-versa. those who want james+domain-keys and are happy with the
> > > reciprocal licensing could obtain it from this new project.
> >
> > I would not reccomend branches. I prefer to alter james in order to
> > provide the needed extension points so that the code can be a plugin and
> > added to the official james with few efforts. I wouldn't like to see
> > James branches for each feature that is not patent or copyright
> > compliant (like jcluster, maildir and so on). I think this is my duty to
> > try to avoid this while I'm in the PMC.
>
> easier plugins would be very useful anyway
>
> - robert
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Norman Maurer <nm...@byteaction.de>.
Just attach it to jira and grant asf rights. That should be enough to
see what todo later.
Thx for all your work .. Im looking forward to see your work
bye
Norman
Tom Brown schrieb:
> Some of this conversation is difficult to follow as I don't know who's
> who. However, it seems that the current consensus is to attach the
> current source it as a JIRA issue and go from there... Is a CLA
> required for to submit the issue, or does that only become necessary
> when it's time to commit the patch?
>
> Tom
>
> On 12/30/06, robert burrell donkin <ro...@gmail.com> wrote:
>> On 12/30/06, Stefano Bagnara <ap...@bago.org> wrote:
>> > robert burrell donkin wrote:
>> > >> I don't like too much the use of svn:externals. Either way we'll
>> have to
>> > >> wait for the legal issues to be resolved in order to try to
>> release.
>> > >
>> > > sorry for not explaining fully: i meant to suggest starting a
>> project
>> > > which imported the last james release and added the extra
>> function not
>> > > vice-versa. those who want james+domain-keys and are happy with the
>> > > reciprocal licensing could obtain it from this new project.
>> >
>> > I would not reccomend branches. I prefer to alter james in order to
>> > provide the needed extension points so that the code can be a
>> plugin and
>> > added to the official james with few efforts. I wouldn't like to see
>> > James branches for each feature that is not patent or copyright
>> > compliant (like jcluster, maildir and so on). I think this is my
>> duty to
>> > try to avoid this while I'm in the PMC.
>>
>> easier plugins would be very useful anyway
>>
>> - robert
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-dev-help@james.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
> !EXCUBATOR:1,45969e6d44676209118015!
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/30/06, Stefano Bagnara <ap...@bago.org> wrote:
> robert burrell donkin wrote:
> >> I don't like too much the use of svn:externals. Either way we'll have to
> >> wait for the legal issues to be resolved in order to try to release.
> >
> > sorry for not explaining fully: i meant to suggest starting a project
> > which imported the last james release and added the extra function not
> > vice-versa. those who want james+domain-keys and are happy with the
> > reciprocal licensing could obtain it from this new project.
>
> I would not reccomend branches. I prefer to alter james in order to
> provide the needed extension points so that the code can be a plugin and
> added to the official james with few efforts. I wouldn't like to see
> James branches for each feature that is not patent or copyright
> compliant (like jcluster, maildir and so on). I think this is my duty to
> try to avoid this while I'm in the PMC.
easier plugins would be very useful anyway
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 1/2/07, Stefano Bagnara <ap...@bago.org> wrote:
> robert burrell donkin wrote:
> > this code should not be committed into a apache repository until the
> > wheels have turned
> >
> > - robert
>
> Hi Robert, I'm following the thread on legal-discuss and it is
> interesting, even if I understand there are no good news as we have to wait.
>
> Have you had the opportunity to review the DKIM specification site and
> to understand wether the ietf submitted specification is released under
> without the patent license of DK?
not really my area: noel's the man for this
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Stefano Bagnara <ap...@bago.org>.
robert burrell donkin wrote:
> this code should not be committed into a apache repository until the
> wheels have turned
>
> - robert
Hi Robert, I'm following the thread on legal-discuss and it is
interesting, even if I understand there are no good news as we have to wait.
Have you had the opportunity to review the DKIM specification site and
to understand wether the ietf submitted specification is released under
without the patent license of DK?
I, by mistake, thought that IETF required submission drafts to not have
similar limit about patents but I found this:
https://datatracker.ietf.org/public/ipr_detail_show.cgi?ipr_id=716
Hope this helps, someway, otherwise trash it ;-)
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 1/1/07, Norman Maurer <nm...@byteaction.de> wrote:
> robert burrell donkin schrieb:
<snip>
> > might be worth considering hosting development offshore under a dual
> > license (ASF+Yahoo!) but continuing to use this list for discussions.
> > if apache policy decides that the Yahoo! patent license is acceptable
> > then a software grant can be used.
> >
> > - robert
>
> If we do so we have to develop outside the ASF for this mailet ? Or can
> we just develop it as an independent project in the ASF ?
this code should not be committed into a apache repository until the
wheels have turned
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Norman Maurer <nm...@byteaction.de>.
robert burrell donkin schrieb:
> On 1/1/07, Norman Maurer <nm...@byteaction.de> wrote:
>> robert burrell donkin schrieb:
>
> <snip>
>
>> > might be worth considering hosting development offshore under a dual
>> > license (ASF+Yahoo!) but continuing to use this list for discussions.
>> > if apache policy decides that the Yahoo! patent license is acceptable
>> > then a software grant can be used.
>> >
>> > - robert
>>
>> If we do so we have to develop outside the ASF for this mailet ? Or can
>> we just develop it as an independent project in the ASF ?
>
> this code should not be committed into a apache repository until the
> wheels have turned
>
> - robert
Ok thx for the clearify.. Please keep us informed ;-)
bye
Norman
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Norman Maurer <nm...@byteaction.de>.
robert burrell donkin schrieb:
> On 12/30/06, Stefano Bagnara <ap...@bago.org> wrote:
>> robert burrell donkin wrote:
>
> <snip>
>
>> >> Btw if you want to take care of this issue (both technical and
>> legal) we
>> >> would really appreciate this.
>> >
>> > i can't promise to take care of it but i'll try to help out...
>>
>> thank you
>
> it's a tricky question that involves patent policy:
> http://mail-archives.apache.org/mod_mbox/www-legal-discuss/200612.mbox/%3c1167509693.5520.39.camel@knossos.elmet%3e
>
>
> may well take a while to figure out and we may well want to try to
> lobby Yahoo! for license changes. seems unlikely to be concluded
> anytime soon.
That are bad news.... Maybe we should contact the PMC of spamassassin to
inform them about the legal problems ?
Should i take care ?
>
> might be worth considering hosting development offshore under a dual
> license (ASF+Yahoo!) but continuing to use this list for discussions.
> if apache policy decides that the Yahoo! patent license is acceptable
> then a software grant can be used.
>
> - robert
If we do so we have to develop outside the ASF for this mailet ? Or can
we just develop it as an independent project in the ASF ?
bye
Norman
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Stefano Bagnara <ap...@bago.org>.
robert burrell donkin wrote:
>> I don't like too much the use of svn:externals. Either way we'll have to
>> wait for the legal issues to be resolved in order to try to release.
>
> sorry for not explaining fully: i meant to suggest starting a project
> which imported the last james release and added the extra function not
> vice-versa. those who want james+domain-keys and are happy with the
> reciprocal licensing could obtain it from this new project.
I would not reccomend branches. I prefer to alter james in order to
provide the needed extension points so that the code can be a plugin and
added to the official james with few efforts. I wouldn't like to see
James branches for each feature that is not patent or copyright
compliant (like jcluster, maildir and so on). I think this is my duty to
try to avoid this while I'm in the PMC.
But I think this will more clear once Tom will attach the code to JIRA
and we know what code is involved by the patch.
>> Btw if you want to take care of this issue (both technical and legal) we
>> would really appreciate this.
>
> i can't promise to take care of it but i'll try to help out...
thank you
>> Maybe writing to the SpamAssassing PMC and to Cliff Schmidt (cliffs at
>> ASF) is the fastest path: would you mind taking care of this?
>
> i'll look into it...
>
> BTW the right thing to do is post the question to legal-discuss rather
> than cliff personally
>
> - robert
You probably know what to do better than me, so feel free to do what you
think is right :-)
Thank you again,
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/30/06, Stefano Bagnara <ap...@bago.org> wrote:
> robert burrell donkin wrote:
> > On 12/29/06, Stefano Bagnara <ap...@bago.org> wrote:
> >> I think that for DK we have to deal with their patent and the license
> >> for Implementing the Specification.
> > [...]
> > IANAL...
>
> Nor do I, and if I understand ASF rules we cannot decide ourselves this
> issue. There is a list of licenses that we are allowed to include.
those are all *copyright* licenses
the Yahoo! license is a *patent* license
> THis is not listed, so we have to ask and wait for approval (right?).
not sure it's works quite like that
any committer can subscribe and ask questions on legal discuss. if
there's consensus, then that's probably good enough.
but this is not a simple question about copyright. you need to
prepared for the answer that: this is a policy question, not legal and
so is a matter for the board, the membership and for cliff (the legal
VP). going by past experience, it takes a lot of talking before any
consensus will emerge and even longer to frame a written policy :-/
> Guillermo pointed out the DKIM specification but I don't know how it
> relates to Domain Keys. I see that Apache SpamAssassing is listed
> between implementations of the DKIM specification.
>
> Maybe DKIM is something different and released under different
> licensings (it is being proposed to ietf and probably cannot contain the
> reciprocal patent issue)
possibly
> or that SpamAssassin PMC already solved the
> legal issues related to including DKIM.
or they are not aware of them
> I only found this related message on the SA-dev list:
> http://www.nabble.com/DKIM-IPR-details-updated-tf301386.html#a843058
the archive to search is legal-discuss
(i'll search my archives once james IMAP is fast enough to handle 2Gs
of email data ;-)
> > i think that a CLA or a software grant would be more appropriate in
> > this case but JIRA's the usual first port of call.
>
> I agree, but I think it is really fast to at least attach to JIRA, and
> this will give us the opportunity to review the code and understand how
> much code it is.
> I think, for example, we could also consider creating an ad-hoc project
> (like jSPF).
+1
> > since my reading of the licenses indicates that it's safe to develop,
> > one possibility would be to offshore the development whilst the legal
> > issues are sorted out.
> >
> > googlecode's fast and uses subversion. svn:externals could be used to
> > easily create a composite source. discussions would be fine on this
> > list but the code would be offshore for the time being. i'd be happy
> > to help Tom apply appropriate headers and check that the statements
> > required by Yahoo! are in the right place.
> >
> > opinions?
> >
> > - robert
>
> I don't like too much the use of svn:externals. Either way we'll have to
> wait for the legal issues to be resolved in order to try to release.
sorry for not explaining fully: i meant to suggest starting a project
which imported the last james release and added the extra function not
vice-versa. those who want james+domain-keys and are happy with the
reciprocal licensing could obtain it from this new project.
once any legal issue were sorted out, the code could be imported using
a software grant
> I thought that legally we could also include it in ASF repository while
> we resolve the legal issues and that this is only blocking for releases
> (like the svn:external).
depends on the issue
releases are particularly important. releases have greater liability,
visibility and are difficult to recall. so, it's *really* important
that no release goes out with legal issues.
but checking in code with known legal issues is a bad idea both for
the committer personally and for apache. apache cannot protect any
committer who commits code with legal issues. for copyright, that
easy: all code should be original code created for apache or should be
imported via the incubator and a software grant. for patents, it is
almost impossible for any developer to avoid unintentional
infringement. if you know that code is patent encumbered then that's a
different issue.
i would expect the pmc to exercise oversight. if informed later about
a legal issue, it's usually best to remove access to the code first
and work through the legalities second.
the major issue is that james would need to change from the AL2.0 to a
composite license (AL2.0+Yahoo!). not sure that the board would be
very happy about this.
> Btw if you want to take care of this issue (both technical and legal) we
> would really appreciate this.
i can't promise to take care of it but i'll try to help out...
> Maybe writing to the SpamAssassing PMC and to Cliff Schmidt (cliffs at
> ASF) is the fastest path: would you mind taking care of this?
i'll look into it...
BTW the right thing to do is post the question to legal-discuss rather
than cliff personally
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Stefano Bagnara <ap...@bago.org>.
robert burrell donkin wrote:
> On 12/29/06, Stefano Bagnara <ap...@bago.org> wrote:
>> I think that for DK we have to deal with their patent and the license
>> for Implementing the Specification.
> [...]
> IANAL...
Nor do I, and if I understand ASF rules we cannot decide ourselves this
issue. There is a list of licenses that we are allowed to include. THis
is not listed, so we have to ask and wait for approval (right?).
Guillermo pointed out the DKIM specification but I don't know how it
relates to Domain Keys. I see that Apache SpamAssassing is listed
between implementations of the DKIM specification.
Maybe DKIM is something different and released under different
licensings (it is being proposed to ietf and probably cannot contain the
reciprocal patent issue) or that SpamAssassin PMC already solved the
legal issues related to including DKIM.
I only found this related message on the SA-dev list:
http://www.nabble.com/DKIM-IPR-details-updated-tf301386.html#a843058
> i think that a CLA or a software grant would be more appropriate in
> this case but JIRA's the usual first port of call.
I agree, but I think it is really fast to at least attach to JIRA, and
this will give us the opportunity to review the code and understand how
much code it is.
I think, for example, we could also consider creating an ad-hoc project
(like jSPF).
> since my reading of the licenses indicates that it's safe to develop,
> one possibility would be to offshore the development whilst the legal
> issues are sorted out.
>
> googlecode's fast and uses subversion. svn:externals could be used to
> easily create a composite source. discussions would be fine on this
> list but the code would be offshore for the time being. i'd be happy
> to help Tom apply appropriate headers and check that the statements
> required by Yahoo! are in the right place.
>
> opinions?
>
> - robert
I don't like too much the use of svn:externals. Either way we'll have to
wait for the legal issues to be resolved in order to try to release.
I thought that legally we could also include it in ASF repository while
we resolve the legal issues and that this is only blocking for releases
(like the svn:external).
Btw if you want to take care of this issue (both technical and legal) we
would really appreciate this.
Maybe writing to the SpamAssassing PMC and to Cliff Schmidt (cliffs at
ASF) is the fastest path: would you mind taking care of this?
Thank you,
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/29/06, Stefano Bagnara <ap...@bago.org> wrote:
> robert burrell donkin wrote:
> > IANAL but i'll try to help...
> >
> > AIUI intellectual property is a loose term grouping several distinct
> > areas of law:
> >
> > * trademarks
> > * trade secrets
> > * patents
> > * copyright
> >
> > unless you hold patents, are party to trade secrets or plan to
> > infringe trademarks then copyright's the main issue right now.
>
> I think that for DK we have to deal with their patent and the license
> for Implementing the Specification.
>
> http://antispam.yahoo.com/domainkeys/patentlicense1-2.html
>
> We need ASF legal office to review that license to see if we can
> distribute a DK implementation under ASF umbrella with an ASL2 project
> using that patent license.
it may be more complicated than that
http://antispam.yahoo.com/domainkeys/patentlicense1-2.html is a
software patent license
IANAL but here's one way to read the words. the patent license is
sublicensable (2.1) but contains a reciprocal patent grant clause
(3.1). this goes further than the apache license patent grant (3). it
seems to me that this means that the Yahoo! license cannot be
sublicensed under AL2.0.
however, provided that Yahoo! is not a contributor, i think that
Yahoo! and AL2.0 cover separate distinct subjects: Yahoo!'s patent
claims and contributors patent and copyright claims. i think that it
would be safe to use a composite LICENSE together with the correct
words in the NOTICE file.
but it's not just the correct interpretation of the words that's
important. even if the implementation could be developed with legal
risk to the contributors, apache policy would need to be taken into
consideration. policy is important: by sticking to our principles,
we've played a successful role in persuading bodies to free up
standards for open source implementors. the interaction between
copyright and patents in the open source is new and complex. policy in
this area is still in the process of being formed.
it's unfortunate that the Yahoo! is good but reciprocal. i'm not sure
whether that clause is necessary: mutually assured patent destruction
is usually thought to be good enough.
(basically, none of the big software houses can use their patents
against one another: the US patent office has granted so many poor
quality patents over the years that it is believed impossible to
create any enterprise class application that is not heavily
encumbered. to engage in patent litigation with one another would
inevitably result in use of all software created by each company
being halted until the case reaches the US supreme court.)
so might take time to sort this one out...
> THe only other license usable is GPLv2 that unfortunately is not
> compatible with ASL2.
>
> AFAIK Noel forwarded a similar request to some ASF license expert member
> a lot of weeks ago, but I think we had no answers.
>
> Tom: I think you should file a JIRA issue and grant rights for inclusion
> to ASF (there is a flag when you add attachment). Make sure to add a
> comment including a link to the license above so maybe once we have the
> code we can try to hurry an answer.
i think that a CLA or a software grant would be more appropriate in
this case but JIRA's the usual first port of call.
since my reading of the licenses indicates that it's safe to develop,
one possibility would be to offshore the development whilst the legal
issues are sorted out.
googlecode's fast and uses subversion. svn:externals could be used to
easily create a composite source. discussions would be fine on this
list but the code would be offshore for the time being. i'd be happy
to help Tom apply appropriate headers and check that the statements
required by Yahoo! are in the right place.
opinions?
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Stefano Bagnara <ap...@bago.org>.
robert burrell donkin wrote:
> IANAL but i'll try to help...
>
> AIUI intellectual property is a loose term grouping several distinct
> areas of law:
>
> * trademarks
> * trade secrets
> * patents
> * copyright
>
> unless you hold patents, are party to trade secrets or plan to
> infringe trademarks then copyright's the main issue right now.
I think that for DK we have to deal with their patent and the license
for Implementing the Specification.
http://antispam.yahoo.com/domainkeys/patentlicense1-2.html
We need ASF legal office to review that license to see if we can
distribute a DK implementation under ASF umbrella with an ASL2 project
using that patentlicense.
THe only other license usable is GPLv2 that unfortunately is not
compatible with ASL2.
AFAIK Noel forwarded a similar request to some ASF license expert member
a lot of weeks ago, but I think we had no answers.
Tom: I think you should file a JIRA issue and grant rights for inclusion
to ASF (there is a flag when you add attachment). Make sure to add a
comment including a link to the license above so maybe once we have the
code we can try to hurry an answer.
Thank you,
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by robert burrell donkin <ro...@gmail.com>.
On 12/28/06, Tom Brown <to...@gmail.com> wrote:
> Hi guys!
>
> I've finished the domain keys library, and I'd like to submit it with
> a JIRA issue as requested.
>
> I'm unsure regarding the prefix (copyright/license/etc) each file
> should contain, especially considering the potential issues regarding
> Yahoo intellectual property.
>
> Please advise as to how I should continue...
sounds substantial. probably good to have a CLA on file. see
http://www.apache.org/licenses/index.html#clas.
IANAL but i'll try to help...
AIUI intellectual property is a loose term grouping several distinct
areas of law:
* trademarks
* trade secrets
* patents
* copyright
unless you hold patents, are party to trade secrets or plan to
infringe trademarks then copyright's the main issue right now.
the first question you should ask yourself is whether the code is an
original work developed for apache over which you hold copyright.
(developers in some jurisdictions - in particular, many US states - do
not have any rights regardless of whether the work is produced in work
or at home. in this case, you may need to seek permission from your
employer.)
(an original work means that you have begun with nothing and created
all the code yourself. there is legal complexity with regard to
implementations of standards but that can be sorted out later.)
(if the code has a history outside apache then a software grant will be needed.)
other questions are usually implementation independent and the james
developers can ask on legal discuss.
> I'm new to this, so if I have incorrectly moved this DomainKeys issue
> to the server developers list, let me know.
sounds like the right place to me
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Domain Keys (Was: jSPF and James?)
Posted by Tom Brown <to...@gmail.com>.
Hi guys!
I've finished the domain keys library, and I'd like to submit it with
a JIRA issue as requested.
I'm unsure regarding the prefix (copyright/license/etc) each file
should contain, especially considering the potential issues regarding
Yahoo intellectual property.
Please advise as to how I should continue...
I'm new to this, so if I have incorrectly moved this DomainKeys issue
to the server developers list, let me know.
Thanks again!
Tom
On 12/22/06, Stefano Bagnara <ap...@bago.org> wrote:
> Tom Brown wrote:
> > Hi Guys!
> >
> > I just thought I'd mention that I've got an implementation of the
> > Domain Keys sender verification standard about 95% completed (it
> > correctly validates most messages, but some systems don't correctly
> > interpret the signature).
> >
> > I wanted to include it with JAMES itself, but there was a question
> > regarding licensing issues. Has there been any notice from the legal
> > team regarding the domain keys licensing, or should I just begin to
> > distribute it myself?
>
> Hi Tom,
>
> When you're done please file a JIRA issue and attach your code there. In
> the mean time we'll try again to get an answer from ASF legal team, or
> to write to yahoo asking their opinion.
>
> Thank you,
> Stefano
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org