Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library

To: grendel@debian.org
Cc: debian-devel <debian-devel@lists.debian.org>
Subject: Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
From: John Belmonte <jvb@prairienet.org>
Date: Sat, 08 Nov 2003 20:57:36 -0500
Message-id: <[🔎] 3FAD9F10.3090607@prairienet.org>
In-reply-to: <[🔎] 20031109013115.GB1662@thanes.org>
References: <[🔎] 20031102220146.DB2C11703E@beowulf.thanes.org> <[🔎] 3FAA7C92.9090809@prairienet.org> <[🔎] 20031106171610.GA2242@thanes.org> <[🔎] 3FAA9F77.3010408@prairienet.org> <[🔎] 20031108194321.GI20214@deadbeast.net> <[🔎] 3FAD9459.8080402@prairienet.org> <[🔎] 20031109013115.GB1662@thanes.org>

Marek Habersack wrote:

In fact, I'm considering adding a
list of files in the library and their associated licenses to the
README.Debian in the package once it hits Sid (I've uploaded it already). I
grew aware of problems with licensing while working on Caudium. We, as the
Caudium Group, don't own the copyrights to all the code, but we do own a
huge part of it. I usually license my code under LGPL/MPL (considering IPL
now) but Caudium as a whole is still GPL. In such a crazy situation, it is
crucial that users/developers have detailed information about what parts of
a package are licensed under which licenses and, first of all, that there
exist various licenses to begin with. It really saves one a lot of trouble
later on.

To be complete, consider that you'd have to list interdependencies too.Take the example once more of an application that can't use GPL'dsoftware. You said it might still use libnettle by linking staticallyand only using parts not under the GPL. But what if one of those partsuses another that is GPL'd? The application author may not even realizeit. Even if he was careful and looked at which object files wherelinked into his app, it still doesn't account for the possibility of anon-GPL'd part using macros, inline code, etc. from a GPL'd part.


Regards,
-John


--
http:// if  ile.o g/

Reply to:

Follow-Ups:
- Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: Marek Habersack <grendel@debian.org>

References:
- Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: Marek Habersack <grendel@debian.org>
- Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: John Belmonte <jvb@prairienet.org>
- Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: Marek Habersack <grendel@debian.org>
- Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: John Belmonte <jvb@prairienet.org>
- Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: Branden Robinson <branden@debian.org>
- Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: John Belmonte <jvb@prairienet.org>
- Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
  - From: Marek Habersack <grendel@debian.org>

Prev by Date: Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
Next by Date: Re: On linux kernel packaging issue
Previous by thread: Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
Next by thread: Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library
Index(es):
- Date
- Thread