Last Comment Bug 392696 - Fix copyright boilerplate in all new PKIX code
: Fix copyright boilerplate in all new PKIX code
Status: RESOLVED FIXED
PKIX
:
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: trunk
: All All
: P1 normal (vote)
: 3.12
Assigned To: Christophe Ravel
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-08-18 01:12 PDT by Nelson Bolyard (seldom reads bugmail)
Modified: 2007-08-30 20:26 PDT (History)
3 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
License block (1.68 KB, text/plain)
2007-08-29 14:48 PDT, Christophe Ravel
nelson: review+
julien.pierre: superreview+
Details
Changes for lib/libpkix, cmd/libpkix and tests/libpkix (391.40 KB, patch)
2007-08-30 14:59 PDT, Christophe Ravel
nelson: review+
Details | Diff | Splinter Review

Description Nelson Bolyard (seldom reads bugmail) 2007-08-18 01:12:40 PDT
All the new PKIX code that was contributed to NSS on the trunk has 
incorrect copyright boilerplate.  The copyright boilerplate in all 
the new PKIX files needs to be fixed, including the new library code and
the new test cmd code.  

This is a task that could be undertaken by someone who knows c and cvs 
even if they do not normally develop NSS libraries or test programs.  

ALL the new PKIX code files were contributed with a license boilerplate
text that reads:

 * The Original Code is the Netscape security libraries.
 *
 * The Initial Developer of the Original Code is
 * Netscape Communications Corporation.
 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 * the Initial Developer. All Rights Reserved.
 *
 * Contributor(s):
 *   Sun Microsystems

That is incorrect in many ways.  
1) This code was NOT part of Netscape's security libraries
2) Netscape Communications Corporation is NOT the Initial developer
3) This code did not exist in 1994.
4) This code has been changed since year 2000.

This should have been corrected before the code was merged to the trunk.
It MUST be corrected before NSS 3.12 RTM.

We should come up with the correct name for the PKIX code.
The Initial Developer of the Original Code is Sun Microsystems, Inc.
The copyright date range must start with the year in which this C code 
was first written by the Sun team that started on it, and should end 
with the year 2007, since we are working on it this year.
Comment 1 Christophe Ravel 2007-08-24 13:07:25 PDT
What is the list of directories or files that is impacted ?
Comment 2 Christophe Ravel 2007-08-24 13:18:27 PDT
The copyright text should be:

"
/*
 * ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS" basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 * for the specific language governing rights and limitations under the
 * License.
 *
 * The Original Code is the [PKIX_LIBRARY_NAME].
 *
 * The Initial Developer of the Original Code is
 * Sun Microsystems, Inc.
 * Portions created by the Initial Developer are Copyright (C) [START_DATE]-2007
 * the Initial Developer. All Rights Reserved.
 *
 * Contributor(s):
 *   Sun Microsystems, Inc.
 *
 * Alternatively, the contents of this file may be used under the terms of
 * either the GNU General Public License Version 2 or later (the "GPL"), or
 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 * in which case the provisions of the GPL or the LGPL are applicable instead
 * of those above. If you wish to allow use of your version of this file only
 * under the terms of either the GPL or the LGPL, and not to allow others to
 * use your version of this file under the terms of the MPL, indicate your
 * decision by deleting the provisions above and replace them with the notice
 * and other provisions required by the GPL or the LGPL. If you do not delete
 * the provisions above, a recipient may use your version of this file under
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */
"

Who has the missing information for:
- [START_DATE]: date when Sun started the work on libpkix
- [PKIX_LIBRARY_NAME]: Nelson seems to suggest that "the PKIX library" is not good enough. Any other suggestion ?
Comment 3 Christophe Ravel 2007-08-24 13:35:44 PDT
I found some of the missing information in Bug 358785:
- list of new files in the following directories and sub-directories:
    mozilla/security/nss/cmd/libpkix
    mozilla/security/nss/lib/libpkix
    mozilla/security/nss/tests/libpkix

- START_DATE: 2004

Still missing: proper name for [PKIX_LIBRARY_NAME]
Comment 4 Nelson Bolyard (seldom reads bugmail) 2007-08-24 15:08:48 PDT
It would be useful to go find the open source of the Java lib PKIX and 
find the string with which that code identifies itself.  Then we should
use a string that is similar, but not identical, to that one.  Our 
string should identify that our library is a C language implementation,
not Java.
Comment 5 Christophe Ravel 2007-08-28 14:11:36 PDT
I found the original license text for libpkix at http://libpkix.sourceforge.net/license.txt. I may need the assistance of a lawyer to sort things out.

I also found a name for PKIX from the IETF web site: Public-Key Infrastructure X.509.

I suggest that [PKIX_LIBRARY_NAME]="the Public-Key Infrastructure X.509 library".

If you don't like it, please raise your hand and make another proposition.

Comment 6 Christophe Ravel 2007-08-28 14:13:12 PDT
Alternative for [PKIX_LIBRARY_NAME]="the Internet X.509 Public Key Infrastructure library" (from an alternate naming found on the IETF web site).
Comment 7 Nelson Bolyard (seldom reads bugmail) 2007-08-28 17:13:46 PDT
As the original author of the code, Sun is free to license the code 
to multiple parties under different license terms.  The copyright notices
for the different distributions should agree on the date or origin, and 
the name of the copyright holder.  

Let's keep the name nice and short.  I like "libPKIX-C" or "PKIX-C" 
or "PKIX-C library".
Comment 8 Christophe Ravel 2007-08-29 14:48:52 PDT
Created attachment 278852 [details]
License block

Please review the license block before I modify 488 files (208 in lib/libpkix, 109 in cmd/libpkix and 171 in tests/libpkix).
Comment 9 Nelson Bolyard (seldom reads bugmail) 2007-08-29 15:14:28 PDT
Comment on attachment 278852 [details]
License block

Looks good to me. r=nelson
Comment 10 Christophe Ravel 2007-08-30 14:59:18 PDT
Created attachment 279013 [details] [diff] [review]
Changes for lib/libpkix, cmd/libpkix and tests/libpkix

Applies the License block from attachment #1 [details] [diff] [review] to all files under lib/libpkix, cmd/libpkix and tests/libpkix.
Comment 11 Nelson Bolyard (seldom reads bugmail) 2007-08-30 15:39:14 PDT
Comment on attachment 279013 [details] [diff] [review]
Changes for lib/libpkix, cmd/libpkix and tests/libpkix

r=nelson
Thanks, Christophe
Comment 12 Christophe Ravel 2007-08-30 20:26:57 PDT
Changes committed to HEAD.
Nelson asked me not to paste all the revs into the bug.

Note You need to log in before you can comment on or make changes to this bug.