[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GnuTLS in Debian

Steve Langasek <vorlon@debian.org> writes:
> On Mon, Dec 23, 2013 at 12:25:40AM +0100, Marco d'Itri wrote:
>> On Dec 22, Moritz Mühlenhoff <jmm@inutil.org> wrote:

>>> We should do that (and also reevaluate the position wrt OpenSSL) by
>>> running it by the Software Freedom Law Center.

>>> Red Hat has real lawyers who looked into the issue, we should do the
>>> same.

>> Agreed, Debian has been promoting bad decisions due to developers
>> playing armchair lawyers for way too long.

> Red Hat only needs to meet the standard that they don't think there's
> risk to the company of being sued for a license violation.  Debian holds
> itself to a higher, ethical standard of complying with the license even
> when the risks are small.

For the specific case of OpenSSL incompatibility with the GPL, I doubt
that's the position that would prevail in a GR.  I think it's rather hard
to see any real harm to either license that comes from combining that
code, or any upstream who actually cares about the apparent
incompatibility for any reason other than because distributions worry
about it.  It's therefore very hard to see how this is somehow a higher
ethical stance.

I'm similarly dubious that the GMP maintainers really don't want it to be
usable with Git through the indirection of GnuTLS, as opposed to not
wanting to (or not being allowed by the FSF to) back down from the policy
of GPLv3 for everything for its other benefits.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
Reply to: