[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GPLed software and OpenSSL

On Wed, 2002-05-29 at 12:17, Simon Law wrote:
> On 29 May 2002, Jeff Licquia wrote:
> > Out of curiosity, do you have non-us in your sources.list?  It would be
> > interesting to find out how much of that software is really in main.
> 	Yes, I do have non-us in my list.  Removing it narrow our group
> down to 16, none of which seem to be in violation.

That's good to hear, at least.

> > One "solution" to the problem, assuming that most of the violations are
> > in non-us, would be to not generate ISOs with non-us on them.  This is
> > practical now that crypto-in-main is done.  At least in theory, then,
> > OpenSSL (which is in main) would be "normally distributed" with Debian,
> > and these components would not "accompan[y] the executable".  I don't
> > like it much, but it would at least have a veneer of respectability.
> 	Well, if the stuff is available off Debian servers, then we are
> basically distributing them.  As well, libssl0.9.6 isn't automatically
> installed with the system.  It sort of seems like you're using a
> quirk in the wording as opposed to real technical differences.

Well, yes.  I will note again, for the record, my general distaste for
the argument.  This whole line of reasoning is a concession to practical
considerations, rather than the principled stand Debian is used to
taking (and which I prefer).

The idea behind it is that non-us is "not a part of Debian".  In the
past, this wasn't really considered to be true, but we could make it so
now without giving up OpenSSL support for other packages, ssh, gnupg,
and so on.  The key is that we maintain separate infrastructure for
non-us and the regular Debian archive (which we do already), and that
our CDs not contain non-us, so it becomes plausible that we do not ship
them "together".

We could even use the situation as an excuse for releasing woody, and
then cleaning up the licensing situation in "stable/non-US"
post-release.  Since non-us isn't really part of woody, it can be
updated with less of the rigor we would apply to stable/main.

To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: