[Python-Dev] openSSL and windows binaries - license

Jim Jewett jimjjewett at gmail.com
Tue Aug 8 22:54:44 CEST 2006

On 8/8/06, "Martin v. Löwis" <martin at v.loewis.de> wrote:
> Jim Jewett schrieb:
> > The OpenSSL library implements some algorithms that are patented.  The
> > source code should be fine to (re)distribute, but but there may be a
> > slight legal risk with distributing a binary.

> I don't want to change the build process in that way (i.e. dropping a
> feature) just before a release.

OK, but this does argue against making the fast version available by
default on windows.  :{

The 2.5c1 windows binary does not ship with _hashlib, so IDEA is only
available if someone else has compiled it.

The problem is that if the binary is recompiled as part of the python
build (as is typical on unix), then a default build will make IDEA

> I personally don't think there is a risk
> distributing the code (if there was, distribution of OpenSSL would also
> be a risk); anybody /using/ a patented algorithm would violate the

There is at least some legal precedent for treating source code
differently from binaries.  (http://jya.com/bernstein-9th.htm)  The
source code is a communication or description (which would not violate
the patent), while the binary is an implementation (which would).

Note that openssl.org do not distribute binaries themselves, and at
least some vendors (such as Red Hat) have excluded the questionable
algorithms from their binaries.

> If you think it's necessary, a note could be added to the readme. Would
> you like to create a patch?

I believe the openSSL readme
is sufficient for a source release.

But for a binary release, I think that IDEA should be added to the
Configure exclude.

    # All of the following is disabled by default (RC5 was enabled
before 0.9.8):

    my %disabled = ( # "what"         => "comment"
                 "gmp"		  => "default",
+                 "idea"		  => "default",
                 "mdc2"           => "default",
                 "rc5"            => "default",
                 "shared"         => "default",
                 "zlib"           => "default",
                 "zlib-dynamic"   => "default"


More information about the Python-Dev mailing list