[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GPLed software and OpenSSL

Steve Langasek <vorlon@netexpress.net>:

> > > One "solution" to the problem, assuming that most of the violations are
> > > in non-us, would be to not generate ISOs with non-us on them.  This is
> > > practical now that crypto-in-main is done.  At least in theory, then,
> > > OpenSSL (which is in main) would be "normally distributed" with Debian,
> > > and these components would not "accompan[y] the executable".  I don't
> > > like it much, but it would at least have a veneer of respectability.
> > 	Well, if the stuff is available off Debian servers, then we are
> > basically distributing them.  As well, libssl0.9.6 isn't automatically
> > installed with the system.  It sort of seems like you're using a
> > quirk in the wording as opposed to real technical differences.
> In the legal world, wording makes all the difference.  The GPL
> specifically talks about code that's distributed *with* the GPLed
> binary, not about code distributed *by the same people as* the GPLed
> binary, and we have no reason to believe that this distinction was
> unintentional.  Many vendors of proprietary Unices (e.g., Sun) seem to
> already be counting on the fact that it is not.

This seems very dodgy. Firstly, you're claiming that main does not
accompany non-us, which is very hard to justify as it's all on the
same servers and non-us doesn't make much sense without main.
Secondly, it doesn't really conform with the DFSG as you are forcing
everyone else to maintain this fictional division between main and
non-us. On the other hand, if you would move the violating packages
into contrib, perhaps it would make more sense.


To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: