On 30/03/17 21:09, Russ Allbery wrote: > Lars Wirzenius <email@example.com> writes: > >> Instead, I'll repeat that licenses shouldn't be violated. One way of >> achieving that is to ask copyright holders for additional permissions >> that are needed to avoid a violation. > > The problem with this approach, though, is that many of us have tried this > with GPL software that links against OpenSSL and have been told that we're > being pedantic, wasting the maintainer's time, and they aren't going to > include any such specific license grant because they're not lawyers, > aren't going to mess with licenses, no one else has this problem, and > Debian needs to pull the stick out of its ass. > > Now one can just say "well, we don't want to package software from > maintainers like that anyway," but often those people are perfectly > reasonable on many other topics and quite good upstreams. We are widely > viewed as out of step with the community on this specific point, whether > reasonably or unreasonably. > > I'm not saying we're wrong, necessarily, but the way that Debian interacts > with software licenses is truly not the way that nearly everyone else > interacts with software licenses. We have non-lawyers with no legal > training read them carefully and attempt to apply their rules as if they > were written in normal English, very precisely. (In other words, we treat > them like they're computer programs.) Very, very few people outside of > Debian do this. Elsewhere, people largely divide into two camps: a quick > skim looking for obvious issues followed by "meh, good enough," or review > by an actual lawyer who is making a legal decision based on legal > interpretation, case law, and a risk analysis. > > I think we normally arrive at reasonable conclusions, but sometimes we do > arrive at conclusions that neither of those other two camps reach, and > then we can look oddly out of touch. > Couldn't agree more with you. Programmers shouldn't try to interpret corner cases on licenses, or judge about license compatibility. What the text of a license says is never interpreted word by word by a lawyer or a tribunal. The intention is also very important. And when you release a software that uses OpenSSL, there is a clear intention in that fact that you allow to use OpenSSL. After all, you have implemented support for it. I think we should try to consult more with lawyers when we have doubts, or when there is a disagreement about licenses in general. It worked for the ZFSOnLinux case. I think it can work also for this system library exception issue. My 2 cents.
Description: OpenPGP digital signature