Re: GPL-licensed packages with depend-chain to OpenSSL

To: Debian-legal Legal <debian-legal@lists.debian.org>
Subject: Re: GPL-licensed packages with depend-chain to OpenSSL
From: Raul Miller <moth@debian.org>
Date: Fri, 10 Sep 2004 09:08:47 -0400
Message-id: <[🔎] 20040910090847.V31498@links.magenta.com>
In-reply-to: <[🔎] F7CCF3CC-0325-11D9-B0FA-00039317863E@suespammers.org>; from asd@suespammers.org on Fri, Sep 10, 2004 at 08:35:59AM -0400
References: <20040819183729.GA11054@mauritius.dodds.net> <20040819221257.GB2727@suffields.me.uk> <874qmy3b78.fsf@deneb.enyo.de> <[🔎] D05D2B9A-FD3C-11D8-8F3A-00039317863E@suespammers.org> <[🔎] 87eklimep4.fsf@deneb.enyo.de> <[🔎] 1084640D-002F-11D9-8F3A-00039317863E@suespammers.org> <[🔎] 87oekj6y55.fsf@aule.evenmere.org> <[🔎] 20040910025538.GC11468@bohr.local> <[🔎] 20040910033626.GO21120@zewt.org> <[🔎] F7CCF3CC-0325-11D9-B0FA-00039317863E@suespammers.org>

> On Sep 9, 2004, at 23:36, Glenn Maynard wrote:
> > The GPL requires that all derived works be entirely available under the
> > terms of the GPL.

On Fri, Sep 10, 2004 at 08:35:59AM -0400, Anthony DeRobertis wrote:
> Yes, but OpenSSL wouldn't be a derived work of the GPL program (it 
> can't be, because it was created before the GPL program).

Irrelevant:

The derived works in question isn't OpenSSL, the question is about the
program which includes both the GPLed program and the OpenSSL library.

> >  One piece of the resulting binary--OpenSSL--is not.
> > This seems to clearly violate the spirit of the GPL.
>
> It might, but the GPL does have the normal components of an OS 
> exception, for example. And only GPL (3), not (1) or (2) mentions all 
> components of the resulting binary.

This is valid for the case where we're not shipping that derived work
with the GPL'd parts of the program.  So, for an extreme example, users
writing shell scripts that include curl+ssl and some gnu utils don't
have any such issue to worry about (well, unless they're distributing
that script and running a debian mirror, or some such).

Of course, another issue is: does anyone really care about this kind
of thing?

If people do, perhaps the right place to start would be to create a
dummy package which conflicts with all packages which provide software
only available under a gpl-compatible license.

-- 
Raul

Reply to:

Follow-Ups:
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Glenn Maynard <glenn@zewt.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Anthony DeRobertis <asd@suespammers.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Nathanael Nerode <neroden@twcny.rr.com>

References:
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Anthony DeRobertis <asd@suespammers.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Anthony DeRobertis <asd@suespammers.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Brian Thomas Sniffen <bts@alum.mit.edu>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Anthony DeRobertis <anthony@derobert.net>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Glenn Maynard <glenn@zewt.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Anthony DeRobertis <asd@suespammers.org>

Prev by Date: Re: GPL-licensed packages with depend-chain to OpenSSL
Next by Date: Re: GPL-licensed packages with depend-chain to OpenSSL
Previous by thread: Re: GPL-licensed packages with depend-chain to OpenSSL
Next by thread: Re: GPL-licensed packages with depend-chain to OpenSSL
Index(es):
- Date
- Thread