https://bugzilla.redhat.com/show_bug.cgi?id=1713767 --- Comment #18 from Björn Persson <bjorn@xxxxxxxxxxxxxxxxxxxx> --- (In reply to Richard W.M. Jones from comment #15) > It's been on my to-do list for a long time to set up letsencrypt on > http://libguestfs.org > but I haven't got around to it yet. However in this case the key is > available from > your favourite GPG keyserver: It's nice that the key is on the keyservers but that's not an authoritative source. A keyring on an HTTPS server under the control of the authors allows anyone to determine with a high degree of confidence that that is the correct key. Anyway, that's not a blocker. (In reply to Richard W.M. Jones from comment #16) > The license does refer to the binary, not the source: > > https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#License:_field > > and I believe LGPLv2+ is correct for the binary lib*.so.* file, even though > it uses a BSD-licensed header file as part of the build. You may be right. I was thinking this was a "mixed source licensing scenario" but it's not entirely clear to me which license combinations that applies to: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/#_mixed_source_licensing_scenario -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
