Miscellaneous legal packaging topics

All original Fedora contributions are governed by the Fedora Project Contributor Agreement (FPCA). For all practical purposes, all Fedora spec files are contributed by FPCA signers. This means that unless a spec file contains an explicit license or license notice stating otherwise, or there is some other evidence to the contrary, the spec file is available under the terms of the MIT license, to the extent it is copyrightable. Where there is no explicit MIT license notice in a spec file, it is understood that there is no requirement to add one (that is to say, the "default" MIT license is equivalent to MIT No Attribution).

Some non-executable data or content exists that is required to make free and open source game engines functional. Such data or content usually comes with the game engine as freely distributable, but not necessarily under a free and open source license allowed by Fedora. An example of this would be open sourced game engines, such as Doom, Heretic, and Descent. These game engines come with freely distributable shareware gamedata files.

In this case, the game data or content files can be packaged and included in Fedora, as long as the files meet the requirements to be otherwise allowed in Fedora, such as allowed-firmware or allowed-content.

Some emulators (applications which emulate another platform) are not permitted for inclusion in Fedora Linux. These rules will help you determine if an emulator is acceptable for Fedora.

It is common to encounter old RSA reference C implementations of the MD5 message-digest algorithm under a free software license containing an advertising requirement, similar to the better-known advertising clause in old versions of the BSD license. Such advertising clauses have generally been understood to be GPL-incompatible. The RSA license is included in the SPDX License List under the short identifier RSA-MD. The MD5 reference implementation also appears in RFC 1321, which states that distribution of the RFC document is "unlimited."

In 2000 RSA provided a clarification of "the status of intellectual property rights asserted by [RSA] in the MD2, MD4 and MD5 message-digest algorithms", saying "Implementations of these message-digest algorithms, including implementations derived from the reference C code in RFC-1319, RFC-1320, and RFC-1321, may be made, used, and sold without license from RSA for any purpose."

Fedora traditionally interpreted this RSA statement as, in effect, superseding the RSA-MD license except to the extent that the license required "copyright attribution".

Under present-day policies for populating the spec file License: field, if you encounter RSA code under this license, you do not need to, and probably should not, do any of the following:

However, unless you have guidance from Fedora Legal suggesting otherwise, you should retain the RSA copyright and license notice as found in the upstream source code.

The following ECC curves are currently permitted in Fedora: