[OE-core] [PATCH V2 7/7] opkg-keyrings: New recipe

Paul Barker paul at paulbarker.me.uk
Wed Feb 11 08:14:46 UTC 2015


On Tue, Feb 10, 2015 at 06:43:34PM -0600, Richard Tollerton wrote:
> Paul Barker <paul at paulbarker.me.uk> writes:
> 
> > This recipe wraps package and package feed verification keys into a package,
> > making the management and deployment of verification keys much easier. Comments
> > on how to select keys for inclusion in this package are provided in the recipe
> > file.
> 
> Would you be receptive to this package being extended to support OpenSSL
> keys?

I wouldn't advise it.

There is no 'OpenSSL exception' in the opkg license and so a few people have
been worried that shipping binaries of opkg linked against OpenSSL is a breach
of the respective licenses. IANAL, but people have been concerned.

OpenSSL support is probably less tested than gpg support as well.

However, if it's something you're already using, have tested and are comfortable
with the licensing implications then go for it.

Thanks,

-- 
Paul Barker

Email: paul at paulbarker.me.uk
http://www.paulbarker.me.uk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20150211/6d16ac3c/attachment-0002.sig>


More information about the Openembedded-core mailing list