[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenSSL license for new packages.



Kristian Fiskerstrand writes ("Re: OpenSSL license for new packages."):
> On 07/28/2017 02:45 PM, Ian Jackson wrote:
> > I looked at the git repository linked to, and a few guessing clicks
> > got me here
> >   https://github.com/opencryptoki/openssl-ibmca/blob/master/src/e_ibmca.c
> > which is the full licence text.
> 
> That would make the other statements about containing OpenSSL code valid
> at least, but I found this section interesting:
> >  * 5. Products derived from this software may not be called "OpenSSL"
> >  *    nor may "OpenSSL" appear in their names without prior written
> >  *    permission of the OpenSSL Project.
> 
> Is it a consensus that "OpenSSL" should be interpreted in a case
> sensitive manner in this case (as a trademark), or would the name of the
> project itself constitute as problematic for the license ("openssl-ibmca")?

Law and courts and things are generally not case sensitive.

The name of the project would be problematic, except that: I read
"this software" here as referring to OpenSSL itself and openssl-ibmca
is not derived from openssl, so is not caught by this clause.

Furthermore, it is not likely that the openssl-ibmca upstream would
have any objection to the things that Debian or any of our downstreams
or users would want to do.  So even if this clause migth be
interpreted by a court to mean "you can't call this thing
openssl-ibmca", we don't think that's the licence authors meant.

If it turns out that that is what they meant, we can rename our
packages.  That is our standard approach to excessively strict
trademark boilerplate and I think it is equally applicable here.

Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.


Reply to: