Margaret Lum wrote:
As discussed in the past on fedora-extras-list and other mediums, it
may be impossible to ship this in Fedora or RHEL signed because that
is in conflict with our licenses and guarantees of reproducibility.
IIRC, there was a consensus (which perhaps others on this list can
correlate) that we can forego signing this package in Fedora. However,
the proprietary version will still be signed.
Right, unsigned in Fedora. Proprietary or 3rd party apps needing a
signed JAR would need to provide it from a separate source. Can you
confirm that it could be parallel installed without much trouble?
Red Hat (the company) could (pending legal approval) choose to proceed
with this as part of an internal product. But as the rules stand
today, Fedora cannot ship this signed.
We will ship this UNsigned, in Fedora. Can approval be re-evaluated?
Right, yes it can.
Warren Togami
wtogami@xxxxxxxxxx
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
