[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] Introducing myself and netsukuku

On 03/04/2011 06:32 PM, Matt Willsher wrote:
> On 4 March 2011 22:55, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
>>  http://people.gnome.org/~markmc/openssl-and-the-gpl.html
> How does Debian ship with OpenSSL given this?

debian ships nothing that depends on both OpenSSL and pure GPL'ed code.
 There is lots of free software falls into this category:

 a) the software can link to OpenSSL and other (non-GPLed) free software;

 b) the software can link to GPLed software (and not to OpenSSL

 c) the software can link to neither GPLed software nor OpenSSL.

(there is also the side case of software that is itself under the GPL,
that links to no other GPLed software, but *does* link to OpenSSL; some
authors of such software explicitly grant an "OpenSSL exception"; this
still is suboptimal because it means they can't link to other GPLed code
that does not have such an exception)

It's the combination of the GPL and OpenSSL licenses in one package
that's the problem.  Debian respects the licenses placed on the tools by
their authors.

If you notice something like that slipped through the cracks, please
report a bug against the appropriate package.  This isn't a happy thing,
but we respect the authors' stated intent; so we deal with it.

As an upstream developer, the easiest way to avoid the license morass is
to just use GnuTLS or libNSS instead of OpenSSL; both GnuTLS and libNSS
are license-compatible with GPLed code.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110304/457f3e27/attachment.pgp>

Reply to: