Re: licensing confusion
On Fri, 05 Mar 2004 19:12:12 +0100, Marek Habersack wrote:
> On Fri, Mar 05, 2004 at 11:43:17AM -0500, Andres Salomon scribbled:
>> On Thu, 04 Mar 2004 18:30:27 +0100, Marek Habersack wrote:
>> PHP is definitely not "mixed" (I assume you mean linked against) with
>> GPL'd software. Looking at the things PHP links against, all libraries
>> are either LGPL'd or fall under some other license (even libbz2-1.0, whose
> look at php4-gd (PHP license)- links against libfreetype6 (GPL/FTL with the
> latter being incompatible with GPL)
Note that it is dual licensed; you may pick the license you choose to
use. Obviously, we don't choose the GPL, since it is incompatible w/ the
PHP license. So, we stick with the FTL. It is true that the FTL is
incompatible w/ the GPL, but since PHP isn't (hopefully ;) linking against
anything that is GPL'd, we should be safe. Of course, debian-legal exists
to scrutinize such issues. Linking against libfreetype should be safe.
>> That run-on sentence is making my brain hurt. One generally provides
> I'm sorry, English is not my native language. I hope that this fact
> doesn't offend you.
I didn't mean to sound condescending, I was implying that I couldn't
understand the question.
>> exception clause in their GPL'd software, stating the license (or
> and what if one cannot do that because one is not the copyright holder
> of the software but merely its current developer/maintainer (and the
> copyright holder doesn't want to talk with that person/group)?
>> software) that they will allow linking with (or forming of derived
>> works with). There are numerous examples of this with GPL'd software
>> that links against OpenSSL (at least 2 of my packages have such a
> Since it seems so easy to you, I would welcome any advice regarding
> http://caudium.net/ and OpenSSL. The former is derived from Roxen
> WebServer 1.3, whose copyright belongs to RIS (http://roxen.com/) which
> company doesn't care about the old software and ignored all the attempts
> to request copyright transfer to the Caudium Group. I'm sure you will
> know the answer to that question and I'm grateful for it in advance,
How much code in Caudium is from RIS? It may be easier to simply rip out
those portions of the code, and rewrite it. Otherwise, you can attempt
contacting RIS through other channels. Without their explicit permission,
however, you're pretty much stuck.
Of course, there are alternatives to OpenSSL. It may make the most sense
to simply use GNUTLS. I'm not sure whether there exists an OpenSSL
compatible API for GNUTLS, but its would be worth researching if you can't
get OpenSSL permission. It helps to explain the various license issues
with upstream, so that they can help do whatever is deemed necessary.