Re: possible-gpl-code-linked-with-openssl

To: Gert Wollny <gw.fossdev@gmail.com>,debian-mentors@lists.debian.org
Subject: Re: possible-gpl-code-linked-with-openssl
From: Dominik George <nik@naturalnet.de>
Date: Wed, 16 Oct 2013 17:50:28 +0200
Message-id: <[🔎] 52ff2758-054c-446d-b129-6dc893070185@email.android.com>
In-reply-to: <[🔎] 1381936124.25640.262.camel@febe.die.upm.es>
References: <[🔎] 1381933100.2941.12.camel@onenc> <[🔎] 8489add1-8d30-427e-85bd-33535b5f4844@email.android.com> <[🔎] 525EA451.4080306@fastmail.fm> <[🔎] 1381936124.25640.262.camel@febe.die.upm.es>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Gert Wollny <gw.fossdev@gmail.com> schrieb:

>The real issue is, who linked the binary that gets distributed, and
>therefore, who has to comply with the GPL, and this is not the upstream
>author. To rephrase Dominik's comment: "Upstream did not link openssl
>against the binary that will get distributed, the package maintainer
>does that."

Thanks, that's exactly what I was intending to say :)! Sorry if my wording was unclear.

The point is that the GPL does not, or better, cannot, limit the original author's rights, and so it would be perfectly OK if they distributed their own binaries they linked against OpenSSL while still noone else is allowed to do so.

That said, I my personal opinion is that doing the above is plain nonsense from a FOSS point of view, and if upstream's intention is to produce open software, they have to respond to the license issue.

To make the other part clear: You must not distribute GPL code linked against OpenSSL if the exception is missing, so it cannot enter Debian, neither main nor one of the other suites.

Cheers,
Nik
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.8-fdroid

iQFNBAEBCgA3BQJSXrXDMBxEb21pbmlrIEdlb3JnZSAobW9iaWxlIGtleSkgPG5p
a0BuYXR1cmFsbmV0LmRlPgAKCRAvLbGk0zMOJfgDCACsPiAQ6oUx2mtA6JGfcyqD
9XmoXQQTxuQn7M6i5xcKVjS0ebPThDu/L7UFa2/M1aQQRMzKPEhG/t4WZT/dfYHZ
eWHAfBxE2zpo8sg+I/9ryIj2BTDDQJDDE8a7dlCE1sviBC0vuMYFNgIt03NfpBl2
p9pBIRaeLVitFqPMcRduaVNQIkIJG+XVexs+QFl/R2ymxOU2gYePxP7sdHxawDEr
6Q2nDUATB8DBJE4CAvkPeX55ExZxJMlqIk+yYHLUWYTcjmOin9dR88fJOq5zCjPw
8WoSI+arSzLjvc7AmDpViht8T8PL/XCJJsTBWZSCPuqsblTN/O1JgrAiN87Ei7g3
=eLIW
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: possible-gpl-code-linked-with-openssl
  - From: Russ Allbery <rra@debian.org>

References:
- possible-gpl-code-linked-with-openssl
  - From: Richi Lists <ricul77@gmail.com>
- Re: possible-gpl-code-linked-with-openssl
  - From: Dominik George <nik@naturalnet.de>
- Re: possible-gpl-code-linked-with-openssl
  - From: The Wanderer <wanderer@fastmail.fm>
- Re: possible-gpl-code-linked-with-openssl
  - From: Gert Wollny <gw.fossdev@gmail.com>

Prev by Date: Re: possible-gpl-code-linked-with-openssl
Next by Date: Re: debian/watch: Version based on file timestamp
Previous by thread: Re: possible-gpl-code-linked-with-openssl
Next by thread: Re: possible-gpl-code-linked-with-openssl
Index(es):
- Date
- Thread