[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: System libraries and the GPLv2

Carlos Alberto Lopez Perez <clopez@igalia.com> writes:

> On 30/03/17 03:11, Clint Byrum wrote:
>> Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04 +0200:
>>> On 30/03/17 00:24, Philipp Kern wrote:
>>>> On 03/29/2017 11:10 PM, Carlos Alberto Lopez Perez wrote:
>>>>> So, the best case situation (IMHO) would be that a lawyer tell us that
>>>>> Apache 2.0 is also compatible with GPLv2-only, and that we stop playing
>>>>> the game of being amateur lawyers instead of software developers.
>>>> But that's not how the law works in the US. Without actual litigation
>>>> and precedent, the most you'll get is a risk assessment of getting sued
>>>> and your likelihood of winning if so. :)
>>>> Kind regards and IANAL
>>>> Philipp Kern
>>> Right. That is how it also works in Spain, and I suspect that in many
>>> other countries work the same way.
>>> I understand that Debian wants to take a position of zero (or minimal)
>>> risk, and I also understand the desire to respect the interpretation of
>>> the FSF about the GPL (they don't think this two licenses are compatibles).
>> I believe that this is a fundamental difference between RedHat and Debian.
>> RedHat is going to do everything within the law and inside their values
>> for a profit. Their values don't include a strict adherence to the wishes
>> of copyright holders, but strict adherence to the law.
>> But our values do include respect for copyright holder rights. So while
>> we can probably get away with this legally, it's been decided (a few
>> times?) that without the GPL licensor's consent, we can't in good faith
>> produce a combination of OpenSSL and a GPL program.
> Just a simple question:
> Do you (or anyone else) _really_ think the copyright holders of the GPL
> program in question had any intention ever of not allowing their program
> to be used along with OpenSSL, when they where the ones implementing
> support for using it on the first place?

Sorry, but people's intent is not sufficient.

Let's we decide that we're going to ignore a license, because the
author's a jolly nice person who obviously wasn't concentrating when
they chose the license.

We thus inflict this license violation on our users, our downstreams,
and their users.

Some of those users might then build their infrastructure upon that
software, meaning that changing it could be very costly, and those users
might be wealthy enough to be interesting to copyright trolls.

Then the copyright holder dies and their estate passes on to someone
that wants to maximise its value, so they sell the copyright to a
copyright troll, who then goes around threatening to sue for the GPL
violation, offering an explicit exception ... for a fee.

I think our users expect us not to put them in that situation.

What is the huge upside that makes it worth forcing our users to take
this risk without their explicit consent?

Cheers, Phil.
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/    http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,    GERMANY

Attachment: signature.asc
Description: PGP signature

Reply to: