[ciphershed] Re: Compiling on Windows: Include Prereqs?

• From: Bill Cox <waywardgeek@xxxxxxxxx>
• To: ciphershed@xxxxxxxxxxxxx
• Date: Thu, 12 Jun 2014 20:27:51 -0400

Way to go!  Comments below.

On 6/12/2014 3:09 PM, Stephen R Guglielmo wrote:
> I have TC compiling successfully on Windows. I'll get a binary up
> soon. There are a bunch of prerequisites to get it working, some
> freely available and some not. I was going to include everything I
> could (the freely available/licensed) within our codebase for
> ease-of-use. I was wondering if everyone else felt the same.
> 
> My proposal:
> -The original TrueCrypt 7.1a archives (the tar.gz and the .zip) are
> located in `/OriginalSources/`.
> -The truecrypt-hashes.asc file is also in there, along with a short
> text file proving the verification.
> -The three RSA PKS header files are in `/Pkcs11/`
> -gzip.exe and dd.exe from the GnuWin32 project are included in `/GnuWin32/`

Sounds good.  Sort of like the TrueCrypt authors, RSA decided to
roll-their-own license for the PKS head files.  They forgot to mention
that we are granted the right to redistribute derived works form their
code, which is probably why most people make developers go download it
themselves.  It's no worse than the TrueCrypt 3.0 license.  Clearly the
authors intended for derived works to be shared... duh.  So, I say go
ahead and check them into our repo.  We will need to put "derived from
the RSA Security Inc. PKCS #11 * Cryptographic Token Interface
(Cryptoki)" somewhere in either the about box or docs somewhere.

For two major crypto effors (TrueCrypt and RSA), who clearly understand
that roll-your-own crypto should only be done with intense review by
experts, why did they think they did not need legal experts for writing
licenses?  It turns out that we are all stupid when it comes to what we
don't know...

> How does this sound for including this stuff in our distribution? Or
> should we leave it for others to obtain?

I like it.  I'd say verify it the best you can and sign it in.

> I'm writing Windows compilation instructions on the wiki.
> 
> I wanted to included Microsoft Visual C++ 1.52c, however, I don't
> think the license would allow it. I can't find details on the license
> though (there's no LICENSE file in the zip). It's from 1993, so I
> doubt Microsoft would pursue a lawsuit. However, I wouldn't want to
> include anything questionable.

Yeah... including Microsoft stuff tends to be a problem.  Just put
instructions on the wiki for finding and downloading the needed version.

Bill

• References:
  • [ciphershed] Compiling on Windows: Include Prereqs?
    • From: Stephen R Guglielmo

Other related posts:

• » [ciphershed] Compiling on Windows: Include Prereqs?- Stephen R Guglielmo
• » [ciphershed] Re: Compiling on Windows: Include Prereqs?- Alain Forget
• » [ciphershed] Re: Compiling on Windows: Include Prereqs?- Kyle Marek
• » [ciphershed] Re: Compiling on Windows: Include Prereqs?- Alain Forget
• » [ciphershed] Re: Compiling on Windows: Include Prereqs?- Kyle Marek
• » [ciphershed] Re: Compiling on Windows: Include Prereqs?- Alain Forget
• » [ciphershed] Re: Compiling on Windows: Include Prereqs? - Bill Cox

1. Home
2. ciphershed
3. Archive
4. 06-2014

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---