Re: Compatibility of GPLv2 and Apache v2 (OpenSSL again)
On December 7, 2018 6:04:22 AM UTC, Ben Finney <email@example.com> wrote:
>Sebastian Andrzej Siewior <firstname.lastname@example.org> writes:
>> The wording (of the addon) was drafted on debian-legal a few years
>Can you give citations to what you're referring to? there have been
>such discussions so it would help if we're both talking about the same
For the openssl license with advertising and GPL:
>The part of that article salient for this discussion seems to be:
> OpenSSL version 3.0.0 will be the first version that we release
> under the Apache License 2.0. We will not be applying the Apache
> License to earlier releases of OpenSSL.
>That doesn't specify the grant of license so it's unclear what the
>set of conditions will be.
>That is a nearly-verbatim copy of the Apache License 2.0 with no
>substantive changes (only the URL in the header changed to an HTTPS).
>Merely dropping a copy of the license document doesn't tell use exactly
>what is the grant of license, as many works (including OpenSSL itself,
>and as you point out a lot of works that link to OpenSSL) have a
>grant of license that incorporates some combination of conditions. It
>not enough to assume that a license document implies the entire grant
>So we will need to see what exact text is the grant of license (the
>saying something like "This is OpenSSL, Copyright © 2018 Foo Bar. You
>are hereby granted freedom to do X, Y, Z under these explicit specific
>Is the grant of license somewhere in the Git repository to be examined?
So the readme file
The OpenSSL toolkit is licensed under the Apache License 2.0, which means
that you are free to get and use it for commercial and non-commercial
purposes as long as you fulfill its conditions.
Is this enough or should upstream add more to this?