On Tue, 2002-05-21 at 18:34, Glenn McGrath wrote: > On 21 May 2002 15:14:18 -0500 > "Jeff Licquia" <[EMAIL PROTECTED]> wrote: > > > On Tue, 2002-05-21 at 14:44, Stefan Hornburg (Racke) wrote: > > > Tomas Pospisek <[EMAIL PROTECTED]> writes: > > > > > > > > > [...] > > > > > > > But since linking against OpenSSL is now officially blessed and > > > > packages depending on openssl officially included in main, it'd be > > > > nice to have the license shipped with base (again it's at rank #24 > > > > of most depended on packages, just behind kdelibs). > > > > > > Hm, that's new for me. Is linking GPL'ed software against > > > OpenSSL now OK ? Please give me a pointer if this is true. > > > > Nope. > > Did we actually arive at a conclusion ? > > I was recently considering packaging GNUnet, however it links to openssl, > is the official position that GPL'ed binaries that link to openssl should > be in non-US or contrib, or are we still in limbo ?
I am repeating the "party line" as it has been explained to me. See the recent threads in debian-legal concerning CUPS for examples. It's my understanding that there are two problems with the OpenSSL license: - The advertising clause - The "cannot relicense under any other license, including the GPL" clause, which appears to forbid binary linking under the GPL section 2 (through the terms of section 3). Specifically, I was responding to the assertion that crypto-in-main makes OpenSSL OK for *GPLed* programs. Unless something has changed on the licensing front (the GPL has changed, or the OpenSSL license has changed), this is not true. Crypto-in-main only changes our policy concerning linking otherwise-license-compatible things with OpenSSL, such as LGPLed stuff, GPL-plus-OpenSSL-exception stuff, MIT/X stuff, new BSD stuff, and so on. > Some people say linking to openssl if fine, and that RMS himself is ok > with it, i find it hard to believe myself. > http://mail.gnu.org/pipermail/gnunet-developers/2002-May/000100.html I refuse to comment on such things, for fear of another license flamewar on debian-devel. Perhaps debian-legal would like to examine the issue and comment. (That's a hint. I'll make myself more clear: if you want to talk about this message from the gnunet people, go to debian-legal.) > Is giving libssl a priority of standard enough to consider it normally > part of the base OS, or should it be required ? (to qualify for the escape > clause in the GPL) The problematic clause in the GPL is "unless that component itself accompanies the executable." (section 3) If "Debian" is defined as "main", then OpenSSL "accompanies" anything else in main. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
