[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#218832: ITP: libnettle -- a low-level cryptographic library

Marek Habersack wrote:
In fact, I'm considering adding a
list of files in the library and their associated licenses to the
README.Debian in the package once it hits Sid (I've uploaded it already). I
grew aware of problems with licensing while working on Caudium. We, as the
Caudium Group, don't own the copyrights to all the code, but we do own a
huge part of it. I usually license my code under LGPL/MPL (considering IPL
now) but Caudium as a whole is still GPL. In such a crazy situation, it is
crucial that users/developers have detailed information about what parts of
a package are licensed under which licenses and, first of all, that there
exist various licenses to begin with. It really saves one a lot of trouble
later on.

To be complete, consider that you'd have to list interdependencies too. Take the example once more of an application that can't use GPL'd software. You said it might still use libnettle by linking statically and only using parts not under the GPL. But what if one of those parts uses another that is GPL'd? The application author may not even realize it. Even if he was careful and looked at which object files where linked into his app, it still doesn't account for the possibility of a non-GPL'd part using macros, inline code, etc. from a GPL'd part.


http:// if  ile.o g/

Reply to: