On 09/29/2014 02:08 PM, Thorsten Alteholz wrote: > > > On Mon, 29 Sep 2014, Andreas Tille wrote: >>> [amul:4] V6.2-000 is ready for upload! >> >> And so I did. Thanks for your work on this > > Hmm, AGPL code without exception linked with openssl doesn't look well ..
[KSB] Thorsten, I manage FIS GT.M, the upstream project, and can speak for it. GT.M does not require OpenSSL, does not statically link to it, and does not in a strict sense, depend on OpenSSL. But there is a looser relationship / dependency. Use of GT.M does not require use of encryption, but GT.M does support the use of encryption for some functions. Since there are many encryption requirements around the world, and since our expertise is not in writing cryptographic software, GT.M does not include any cryptographic functionality, but instead uses a plug-in architecture. Any plug-in that provides GT.M with an implementation of GT.M's abstract encryption API that it can call will work. GT.M includes a reference implementation of an encryption plug-in, and the GT.M binary distribution includes source code for that reference implementation that users are free to use if it meets their needs, to modify to suit their needs, or simply to not use and provide their own. In our development environment, we test the reference implementation with a couple of popular packages, including OpenSSL, to be sure that the reference implementation works as it is supposed to. We do not intend adapting the reference implementation to meet a user or site's specific needs to be interpreted as creating a derivative work. In my view, the closest analogy is a package that ships with shell scripts, configuration files, etc. Using them as shipped, editing them, or replacing them, is part of deploying / using the package, and does not create a derivative work. Please do let me know what clarification you think is appropriate under the circumstances. Does this explanation suffice? If you would like us to make the clarification in any other way (such as a statement in the README), we would be happy to. Thank you. Regards -- Bhaskar > > Thorsten > > -- GT.M - Rock solid. Lightning fast. Secure. No compromises. _____________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
