Re: [PATCHES] [PATCH] Add support for GnuTLS
Peter Eisentraut <email@example.com> wrote:
> There is currently a bit of a standoff among the PostgreSQL developers about
> whether to add GnuTLS support in addition to OpenSSL because of various
> claims that certain GPL'ed Debian packages cannot include PostgreSQL support
> because that would indirectly link to OpenSSL.
> One leading developer forwarded the opinion from Red Hat's legal department
Based on this little snippet, it is unclear to me exactly what Red
Hat's legal department has said. Are they saying that the OpenSSL
license is not incompatible with the GPL? The advertising clause
seems like a clear incompatiblity.
Or are they saying that the GPL does not actually restrict people from
linking in libraries and distributing the result? That reading is
contradicted by a plain reading of the GPL.
What is most likely is that Red Hat's legal department has decided the
risk of suffering damages from distributing GPL'd programs linked with
OpenSSL is sufficiently low that they do not have to worry about it.
Debian tends to be much more conservative in this regard, partly
because the risk is borne by third parties (e.g. mirror operators and
> What sort of legal advice has Debian consulted that came to a
> different opinion?
There is a sizable pool of people that regularly examine licenses for
Debian, looking for problems. Debian does not regularly consult
practicing attorneys on these issues.
> Any advice on resolving this?
Debian's position is unlikely to change. So I see two avenues:
1) Find out what Red Hat's legal department actually said. Then
Debian and Red Hat might be able to come to some sort of
agreement. Preferably, they would explain their reasoning
directly to debian-legal (but that is unlikely).
2) Modify the patch so that it is not as distasteful to people who
do not see the point of the patch. I do not know if this is