LGPL library using only LGPL-parts of partially GPL shared library (gnutls, nettle)

To: debian-legal@lists.debian.org
Subject: LGPL library using only LGPL-parts of partially GPL shared library (gnutls, nettle)
From: Andreas Metzler <ametzler@downhill.at.eu.org>
Date: Wed, 16 Feb 2011 20:08:27 +0100
Message-id: <[🔎] bujt28-8f9.ln1@argenau.downhill.at.eu.org>

Hello,

GnuTLS upstream has added support for different crypto backends in
2.11.x and has chosen nettle as prefered backend (2.10.x is using
libgcrypt).

The main GnuTLS library itself and its dependency chain (libgcrypt11
libtasn1-3) are LGPLv2.1+.

nettle OTOH is LGPLv2.1+ except for two parts: The implementations of
serpent and blowfish are GPLv2+. GnuTLS does not use these two pieces.
Nettle upstream says [1]:

| [...] This means that if you don't use the parts of nettle that are
| GPL-only, you have the option to use the Nettle library just as if it
| were licensed under the LGPL. To find the current status of particular
| files, you have to read the copyright notices at the top of the files.

Is this an acceptable interpretaton of the (L)GPL for Debian? Can I
switch crypto backends without doublechecking GnuTLS rdeps for
GPL-incompatible (but LGPL compatible) code?

thanks, cu andreas
[1] http://www.lysator.liu.se/~nisse/nettle/nettle.html#Copyright
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

Reply to:

Follow-Ups:
- Re: LGPL library using only LGPL-parts of partially GPL shared library (gnutls, nettle)
  - From: Simon Josefsson <simon@josefsson.org>

Prev by Date: Re: copyright on upstream patches
Next by Date: Re: copyright on upstream patches
Previous by thread: Re: copyright on upstream patches
Next by thread: Re: LGPL library using only LGPL-parts of partially GPL shared library (gnutls, nettle)
Index(es):
- Date
- Thread