treewide: Add SPDX identifier to IETF ASN.1 modules

Message ID	143690ecc1102c0f67fa7faec437ec7b02bb2304.1697885975.git.lukas@wunner.de (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-cifs-owner@vger.kernel.org> Message-Id: <143690ecc1102c0f67fa7faec437ec7b02bb2304.1697885975.git.lukas@wunner.de> From: Lukas Wunner <lukas@wunner.de> Date: Sat, 21 Oct 2023 13:23:44 +0200 Subject: [PATCH] treewide: Add SPDX identifier to IETF ASN.1 modules To: Thomas Gleixner <tglx@linutronix.de>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, linux-spdx@vger.kernel.org Cc: David Howells <dhowells@redhat.com>, Tadeusz Struk <tadeusz.struk@linaro.org>, Herbert Xu <herbert@gondor.apana.org.au>, "David S. Miller" <davem@davemloft.net>, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, Hyunchul Lee <hyc.lee@gmail.com>, Namjae Jeon <linkinjeon@kernel.org>, Steve French <sfrench@samba.org>, Sergey Senozhatsky <senozhatsky@chromium.org>, Tom Talpey <tom@talpey.com>, linux-cifs@vger.kernel.org, Taehee Yoo <ap420073@gmail.com>, Pablo Neira Ayuso <pablo@netfilter.org>, Jozsef Kadlecsik <kadlec@netfilter.org>, Florian Westphal <fw@strlen.de>, coreteam@netfilter.org, netfilter-devel@vger.kernel.org Precedence: bulk
Series	treewide: Add SPDX identifier to IETF ASN.1 modules \| expand treewide: Add SPDX identifier to IETF ASN.1 modules

Message ID

143690ecc1102c0f67fa7faec437ec7b02bb2304.1697885975.git.lukas@wunner.de (mailing list archive)

State

New, archived

Headers

Message-Id: 
 <143690ecc1102c0f67fa7faec437ec7b02bb2304.1697885975.git.lukas@wunner.de>
From: Lukas Wunner <lukas@wunner.de>
Date: Sat, 21 Oct 2023 13:23:44 +0200
Subject: [PATCH] treewide: Add SPDX identifier to IETF ASN.1 modules
To: Thomas Gleixner <tglx@linutronix.de>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-spdx@vger.kernel.org
Cc: David Howells <dhowells@redhat.com>,
        Tadeusz Struk <tadeusz.struk@linaro.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>, keyrings@vger.kernel.org,
        linux-crypto@vger.kernel.org, Hyunchul Lee <hyc.lee@gmail.com>,
        Namjae Jeon <linkinjeon@kernel.org>,
        Steve French <sfrench@samba.org>,
        Sergey Senozhatsky <senozhatsky@chromium.org>,
        Tom Talpey <tom@talpey.com>, linux-cifs@vger.kernel.org,
        Taehee Yoo <ap420073@gmail.com>,
        Pablo Neira Ayuso <pablo@netfilter.org>,
        Jozsef Kadlecsik <kadlec@netfilter.org>,
        Florian Westphal <fw@strlen.de>, coreteam@netfilter.org,
        netfilter-devel@vger.kernel.org
Precedence: bulk

Series

treewide: Add SPDX identifier to IETF ASN.1 modules | expand

Commit Message

Lukas Wunner Oct. 21, 2023, 11:23 a.m. UTC

Per section 4.c. of the IETF Trust Legal Provisions, "Code Components"
in IETF Documents are licensed on the terms of the BSD-3-Clause license:

https://trustee.ietf.org/documents/trust-legal-provisions/tlp-5/

The term "Code Components" specifically includes ASN.1 modules:

https://trustee.ietf.org/documents/trust-legal-provisions/code-components-list-3/

Add an SPDX identifier as well as a copyright notice pursuant to section
6.d. of the Trust Legal Provisions to all ASN.1 modules in the tree
which are derived from IETF Documents.

Section 4.d. of the Trust Legal Provisions requests that each Code
Component identify the RFC from which it is taken, so link that RFC
in every ASN.1 module.

Signed-off-by: Lukas Wunner <lukas@wunner.de>
---
 I'm adding a new IETF ASN.1 module for PCI device authentication, hence
 had to research what the correct license is.  Thought I'd fix this up
 treewide while at it.

 Not included here is fs/smb/client/cifs_spnego_negtokeninit.asn1,
 which is similar to fs/smb/client/ksmbd_spnego_negtokeninit.asn1,
 but contains a Microsoft extension published as Open Specifications
 Documentation.  It's unclear to me what license they use:
 https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-spng/

 crypto/asymmetric_keys/pkcs7.asn1            | 7 +++++++
 crypto/asymmetric_keys/pkcs8.asn1            | 6 ++++++
 crypto/asymmetric_keys/x509.asn1             | 7 +++++++
 crypto/asymmetric_keys/x509_akid.asn1        | 5 +++++
 crypto/rsaprivkey.asn1                       | 7 +++++++
 crypto/rsapubkey.asn1                        | 7 +++++++
 fs/smb/server/ksmbd_spnego_negtokeninit.asn1 | 8 ++++++++
 fs/smb/server/ksmbd_spnego_negtokentarg.asn1 | 7 +++++++
 net/ipv4/netfilter/nf_nat_snmp_basic.asn1    | 8 ++++++++
 9 files changed, 62 insertions(+)

Comments

Richard Fontana Oct. 21, 2023, 1:23 p.m. UTC | #1

On Sat, Oct 21, 2023 at 7:25 AM Lukas Wunner <lukas@wunner.de> wrote:
>
> Per section 4.c. of the IETF Trust Legal Provisions, "Code Components"
> in IETF Documents are licensed on the terms of the BSD-3-Clause license:
>
> https://trustee.ietf.org/documents/trust-legal-provisions/tlp-5/
>
> The term "Code Components" specifically includes ASN.1 modules:
>
> https://trustee.ietf.org/documents/trust-legal-provisions/code-components-list-3/

Sorry if this seems super-pedantic but I am pretty sure the license
text in the IETF Trust Legal Provisions does not actually match SPDX
`BSD-3-Clause` because of one additional word in clause 3 ("specific"
before "contributors"), so IMO you should get SPDX to modify its
definition of `BSD-3-Clause` prior to applying this patch (or get IETF
to change its version of the license, but I imagine that would be more
difficult). This issue of a multitude of nonsubstantively different,
non-matching versions of clause 3 is a common issue that has been
coming up in the Fedora project's adoption of SPDX identifiers for
license metadata.

Richard

Lukas Wunner Oct. 22, 2023, 8:53 a.m. UTC | #2

On Sat, Oct 21, 2023 at 09:23:55AM -0400, Richard Fontana wrote:
> On Sat, Oct 21, 2023 at 7:25???AM Lukas Wunner <lukas@wunner.de> wrote:
> >
> > Per section 4.c. of the IETF Trust Legal Provisions, "Code Components"
> > in IETF Documents are licensed on the terms of the BSD-3-Clause license:
> >
> > https://trustee.ietf.org/documents/trust-legal-provisions/tlp-5/
> >
> > The term "Code Components" specifically includes ASN.1 modules:
> >
> > https://trustee.ietf.org/documents/trust-legal-provisions/code-components-list-3/
> 
> Sorry if this seems super-pedantic but I am pretty sure the license
> text in the IETF Trust Legal Provisions does not actually match SPDX
> `BSD-3-Clause` because of one additional word in clause 3 ("specific"
> before "contributors"), so IMO you should get SPDX to modify its
> definition of `BSD-3-Clause` prior to applying this patch (or get IETF
> to change its version of the license, but I imagine that would be more
> difficult).

I've submitted a pull request to modify the SPDX definition of
BSD-3-Clause for the IETF variant:

https://github.com/spdx/license-list-XML/pull/2218

I assume this addresses your concern?  Let me know if it doesn't.

If anyone has further objections to this patch please speak up.

Thanks,

Lukas

Herbert Xu Oct. 27, 2023, 10:55 a.m. UTC | #3

On Sat, Oct 21, 2023 at 01:23:44PM +0200, Lukas Wunner wrote:
> Per section 4.c. of the IETF Trust Legal Provisions, "Code Components"
> in IETF Documents are licensed on the terms of the BSD-3-Clause license:
> 
> https://trustee.ietf.org/documents/trust-legal-provisions/tlp-5/
> 
> The term "Code Components" specifically includes ASN.1 modules:
> 
> https://trustee.ietf.org/documents/trust-legal-provisions/code-components-list-3/
> 
> Add an SPDX identifier as well as a copyright notice pursuant to section
> 6.d. of the Trust Legal Provisions to all ASN.1 modules in the tree
> which are derived from IETF Documents.
> 
> Section 4.d. of the Trust Legal Provisions requests that each Code
> Component identify the RFC from which it is taken, so link that RFC
> in every ASN.1 module.
> 
> Signed-off-by: Lukas Wunner <lukas@wunner.de>
> ---
>  I'm adding a new IETF ASN.1 module for PCI device authentication, hence
>  had to research what the correct license is.  Thought I'd fix this up
>  treewide while at it.
> 
>  Not included here is fs/smb/client/cifs_spnego_negtokeninit.asn1,
>  which is similar to fs/smb/client/ksmbd_spnego_negtokeninit.asn1,
>  but contains a Microsoft extension published as Open Specifications
>  Documentation.  It's unclear to me what license they use:
>  https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-spng/
> 
>  crypto/asymmetric_keys/pkcs7.asn1            | 7 +++++++
>  crypto/asymmetric_keys/pkcs8.asn1            | 6 ++++++
>  crypto/asymmetric_keys/x509.asn1             | 7 +++++++
>  crypto/asymmetric_keys/x509_akid.asn1        | 5 +++++
>  crypto/rsaprivkey.asn1                       | 7 +++++++
>  crypto/rsapubkey.asn1                        | 7 +++++++
>  fs/smb/server/ksmbd_spnego_negtokeninit.asn1 | 8 ++++++++
>  fs/smb/server/ksmbd_spnego_negtokentarg.asn1 | 7 +++++++
>  net/ipv4/netfilter/nf_nat_snmp_basic.asn1    | 8 ++++++++
>  9 files changed, 62 insertions(+)

Patch applied.  Thanks.

J Lovejoy Oct. 31, 2023, 2:23 a.m. UTC | #4

On 10/22/23 4:53 AM, Lukas Wunner wrote:
> On Sat, Oct 21, 2023 at 09:23:55AM -0400, Richard Fontana wrote:
>> On Sat, Oct 21, 2023 at 7:25???AM Lukas Wunner <lukas@wunner.de> wrote:
>>> Per section 4.c. of the IETF Trust Legal Provisions, "Code Components"
>>> in IETF Documents are licensed on the terms of the BSD-3-Clause license:
>>>
>>> https://trustee.ietf.org/documents/trust-legal-provisions/tlp-5/
>>>
>>> The term "Code Components" specifically includes ASN.1 modules:
>>>
>>> https://trustee.ietf.org/documents/trust-legal-provisions/code-components-list-3/
>> Sorry if this seems super-pedantic but I am pretty sure the license
>> text in the IETF Trust Legal Provisions does not actually match SPDX
>> `BSD-3-Clause` because of one additional word in clause 3 ("specific"
>> before "contributors"), so IMO you should get SPDX to modify its
>> definition of `BSD-3-Clause` prior to applying this patch (or get IETF
>> to change its version of the license, but I imagine that would be more
>> difficult).
> I've submitted a pull request to modify the SPDX definition of
> BSD-3-Clause for the IETF variant:
>
> https://github.com/spdx/license-list-XML/pull/2218
>
> I assume this addresses your concern?  Let me know if it doesn't.
>
> If anyone has further objections to this patch please speak up.
Thanks for submitting the PR! Usually this is something that would be 
discussed via an issue before making a PR. I made one here 
https://github.com/spdx/license-list-XML/issues/2242 and will have a 
closer look shortly. Also ideally, this patch would not be applied until 
the additional markup is confirmed by SPDX (in case this is deemed a new 
license and needs a new/different identifier)

thanks,
Jilayne
> Thanks,
>
> Lukas

diff --git a/crypto/asymmetric_keys/pkcs7.asn1 b/crypto/asymmetric_keys/pkcs7.asn1
index 1eca740..28e1f4a 100644
--- a/crypto/asymmetric_keys/pkcs7.asn1
+++ b/crypto/asymmetric_keys/pkcs7.asn1
@@ -1,3 +1,10 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 2009 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc5652#section-3
+
 PKCS7ContentInfo ::= SEQUENCE {
 	contentType	ContentType ({ pkcs7_check_content_type }),
 	content		[0] EXPLICIT SignedData OPTIONAL
diff --git a/crypto/asymmetric_keys/pkcs8.asn1 b/crypto/asymmetric_keys/pkcs8.asn1
index 702c41a..a2a8af2 100644
--- a/crypto/asymmetric_keys/pkcs8.asn1
+++ b/crypto/asymmetric_keys/pkcs8.asn1
@@ -1,3 +1,9 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 2010 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc5958#section-2
 --
 -- This is the unencrypted variant
 --
diff --git a/crypto/asymmetric_keys/x509.asn1 b/crypto/asymmetric_keys/x509.asn1
index 92d59c3..feb9573 100644
--- a/crypto/asymmetric_keys/x509.asn1
+++ b/crypto/asymmetric_keys/x509.asn1
@@ -1,3 +1,10 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 2008 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc5280#section-4
+
 Certificate ::= SEQUENCE {
 	tbsCertificate		TBSCertificate ({ x509_note_tbs_certificate }),
 	signatureAlgorithm	AlgorithmIdentifier,
diff --git a/crypto/asymmetric_keys/x509_akid.asn1 b/crypto/asymmetric_keys/x509_akid.asn1
index 1a33231..164b2ed 100644
--- a/crypto/asymmetric_keys/x509_akid.asn1
+++ b/crypto/asymmetric_keys/x509_akid.asn1
@@ -1,3 +1,8 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 2008 IETF Trust and the persons identified as authors
+-- of the code
+--
 -- X.509 AuthorityKeyIdentifier
 -- rfc5280 section 4.2.1.1
 
diff --git a/crypto/rsaprivkey.asn1 b/crypto/rsaprivkey.asn1
index 4ce0675..76865124 100644
--- a/crypto/rsaprivkey.asn1
+++ b/crypto/rsaprivkey.asn1
@@ -1,3 +1,10 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 2016 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc8017#appendix-A.1.2
+
 RsaPrivKey ::= SEQUENCE {
 	version		INTEGER,
 	n		INTEGER ({ rsa_get_n }),
diff --git a/crypto/rsapubkey.asn1 b/crypto/rsapubkey.asn1
index 725498e..0d32b1c 100644
--- a/crypto/rsapubkey.asn1
+++ b/crypto/rsapubkey.asn1
@@ -1,3 +1,10 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 2016 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc8017#appendix-A.1.1
+
 RsaPubKey ::= SEQUENCE {
 	n INTEGER ({ rsa_get_n }),
 	e INTEGER ({ rsa_get_e })
diff --git a/fs/smb/server/ksmbd_spnego_negtokeninit.asn1 b/fs/smb/server/ksmbd_spnego_negtokeninit.asn1
index 0065f19..00151380 100644
--- a/fs/smb/server/ksmbd_spnego_negtokeninit.asn1
+++ b/fs/smb/server/ksmbd_spnego_negtokeninit.asn1
@@ -1,3 +1,11 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 1998, 2000 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc2478#section-3.2.1
+-- https://www.rfc-editor.org/rfc/rfc2743#section-3.1
+
 GSSAPI ::=
 	[APPLICATION 0] IMPLICIT SEQUENCE {
 		thisMech
diff --git a/fs/smb/server/ksmbd_spnego_negtokentarg.asn1 b/fs/smb/server/ksmbd_spnego_negtokentarg.asn1
index 1151933..797e485 100644
--- a/fs/smb/server/ksmbd_spnego_negtokentarg.asn1
+++ b/fs/smb/server/ksmbd_spnego_negtokentarg.asn1
@@ -1,3 +1,10 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 1998 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc2478#section-3.2.1
+
 GSSAPI ::=
 	CHOICE {
 		negTokenInit
diff --git a/net/ipv4/netfilter/nf_nat_snmp_basic.asn1 b/net/ipv4/netfilter/nf_nat_snmp_basic.asn1
index 24b7326..dc2cc57 100644
--- a/net/ipv4/netfilter/nf_nat_snmp_basic.asn1
+++ b/net/ipv4/netfilter/nf_nat_snmp_basic.asn1
@@ -1,3 +1,11 @@ 
+-- SPDX-License-Identifier: BSD-3-Clause
+--
+-- Copyright (C) 1990, 2002 IETF Trust and the persons identified as authors
+-- of the code
+--
+-- https://www.rfc-editor.org/rfc/rfc1157#section-4
+-- https://www.rfc-editor.org/rfc/rfc3416#section-3
+
 Message ::=
 	SEQUENCE {
 		version