| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <13213304ac049113655ab8fe1bae76cc84a3330e.camel@HansenPartnership.com> Date: Mon, 17 Nov 2025 15:19:02 -0500 From: James Bottomley <James.Bottomley@...senPartnership.com> To: David Howells <dhowells@...hat.com>, Eric Biggers <ebiggers@...nel.org> Cc: Herbert Xu <herbert@...dor.apana.org.au>, Luis Chamberlain <mcgrof@...nel.org>, Petr Pavlu <petr.pavlu@...e.com>, Daniel Gomez <da.gomez@...nel.org>, Sami Tolvanen <samitolvanen@...gle.com>, "Jason A . Donenfeld" <Jason@...c4.com>, Ard Biesheuvel <ardb@...nel.org>, Stephan Mueller <smueller@...onox.de>, Lukas Wunner <lukas@...ner.de>, Ignat Korchagin <ignat@...udflare.com>, linux-crypto@...r.kernel.org, keyrings@...r.kernel.org, linux-modules@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v9 2/9] crypto: Add ML-DSA/Dilithium verify support On Mon, 2025-11-17 at 19:52 +0000, David Howells wrote: > Eric Biggers <ebiggers@...nel.org> wrote: > > > In comparison, BoringSSL has an entire implementation of ML-DSA, > > ... > > ... which cannot be used in the kernel due to the licence. The licence problem is not insurmountable. There are now real lawyers (not just me) prepared to stand up and say Apache-2 is GPL-2 compatible: https://digitalcommons.law.scu.edu/chtlj/vol40/iss3/2/ But even if you don't accept that, Google keeps effective joint ownership of the code through their CLA and so could grant a dual licence to the kernel anyway without needing to refer to any contributors. Regards, James
Powered by blists - more mailing lists