[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: curl situation is intolerable

>>>>> "Steve" == Steve Langasek <vorlon@debian.org> writes:

    Steve> On Sun, Sep 11, 2005 at 09:46:26PM -0700, Thomas Bushnell
    Steve> BSG wrote:
    >> I don't care about the callback.  The package maintainers have
    >> the job of deciding whether the packages implement the same ABI
    >> or not.  DECIDE.

    >> If the answer is "yes", then they should both be drop-in
    >> replacements, and Provide the same virtual package.

    Steve> That isn't really an option so long as we have the
    Steve> GPL/OpenSSL license issue to deal with, regardless of
    Steve> whether the ABI matches.

If you take this argument to its extreme, then there would be a
problem with package X if the administrator set it up to use PAM
modules that use incompatible libraries. I don't know if any case
exists in Debian, and don't want to search (in case the response is to
remove the package in question) but note that libpam-heimdal depends
on heimdal which depends on kerberos4kth which depends on openssl. An
administrator could setup libpam-heimdal in an application that has a
GPL licence...

I mean... if the administrator wants to use a library that happens to
have an incompatible licence, isn't this his/her business? Can't we
just say use the gnutls version as the default?

If I misunderstood the concern in anyway, then I apologise. I am
running on the assumption that it would be possible to have both
packages implement the same ABI and become drop in replacements for
each other.

Oh, BTW, gnutls isn't a complete 100% solution either, IIRC packages
exist that require openssl because the license is GPL incompatible.
Brian May <bam@debian.org>

Reply to: