-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello,
On 8/23/11 8:44 , Peter Marschall wrote: > On Sunday, 21. August 2011, you wrote: >> On 08/21/2011 12:36 PM, Peter Marschall wrote: >>> * renable zlib & readline support >> i don't think these are compatible with the DFSG, alas. >> >> GNU readline (at least) is GPL-licensed, and opensc links >> against OpenSSL. So building a package that links to both of >> them creates a non-redistributable work :( >> >> http://people.gnome.org/~markmc/openssl-and-the-gpl.html The linked page on OpenSSL and GPL also gives some additional hints: 1. "Usual disclaimers apply, I've no legal background whatsoever, don't trust a word I say ... I'm quite probably completely wrong." 2. "One recommended way around this GPL incompatibility is to add an OpenSSL exemption when you license your code under the GPL." 3. Remember that OpenSC is LGPL, not GPL (even though it is legal to "upgrade" LGPL to GPL as has been "proven" by Spanish government) 4. iAnal as well. Consulting FSFE (for a second opinion on what can and what can not be done) would be beneficial. 5. I consider Debian's position as a die-hard free software precaution, I don't know that the OpenSSL vs (L)GPL issue has ever been tested in courts, nor that it would actually represent the interests of any involved party (be it OpenSC code contributors or OpenSSL developers). It is just something that is "advised by lawyers as a precaution". 6. Creating unofficial, more complete but maybe more reckless packages would still be beneficial, given that the distributor takes the associated risks (I personally still believe that common sense and good intents beats the lawyer-centric world we live in) 7. IMHO OpenSSL is something that "comes with the operating system" in Debian (and other Linux distros) >> Is there any way to have OpenSC build against some crypto >> libraries other than OpenSSL (preferably licensed in >> GPL-compatible ways) so we could link it to readline without >> violating one license or the other? Two options: - decide to move to some other soft-crypto implementation and reap out OpenSSL (would be lovely) - create a small "softcrypto" mega-interface and allow to plug in different softcrypto implementations (something like cURL did) gradually. This would allow to build without OpenSSL in Debian and such and provide a way to still make use of drivers which might not have a developer or somebody to test any changes. > > OK, let's leave out libreadline (simple changes in > debian/{rules,control}). > > My interest is less in libreadline - although it makes > opensc-explorer a lot more comfortable - but in an update to opensc > in Debian. > > What about that? PS: if zlib has similar issues, then maybe leave > it away too. I don't know of such limitations. - -- @MartinPaljak +3725156495 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) iQIcBAEBCAAGBQJOU0bXAAoJEHSCZV4wfjRSfroP/1IeDmFPOPWO2ZosXglsYFmM kYYzvah8l6G8F5KyHbo93vc3BeOe4zQN1ir3zMTpkBsSNDWdPtjd9g3j1uAF72/W yNXvVgqihoAZ9HquRFqV1LMqR+4KpW/Wjm0eZm6y8TsgF7rPSVKSSZqwCdvye0up uFZSBWQ4XOjQpFCdlrXJvCidzQ4a2f/RTdkqr0T0W5ntAGgks2WlbUn+bDSQnQVf EmpU8SK0SOMzDxicXkVUjUmaVusxkLE1KFW3VPH0jEp1zjvtSidbFw6iNk2Vs98a 8KViwk/09BmHJ7vRv57KwFnOa9mCmVyX2gJyHSwbB7kflA7a2fxep8BdOdWQ9S7q jKP0KJZmMuabFDJIvAlL0h1xIozikHCldhB46f/7lgZNssfy+AkaI1taA75uBJuy AD5w+6YfkFTAriihbg0L+xshFiQSxKbSMzq0128/8vS59LZsq/O9JZ/xgaHiM2Lh bot9M2Tj5efii4mdM0SWQx32O8jm8mmSrQLwIrdNqe4YavvpE0bPcI4Vz3ZGYnyz 2h6J7xm/I5KddIUb+jwVoB1OBudZ2KboUvwkQZaC8HYcf/Mzsk6wkGplyuTv0gjg 1Fc+bpG4kIRHsI4HKDB2FYcP+uYo4lMj0rCA0JcITckMpiVtgw9+E4Ucu7thPYFF CED/e/n3jp8nUfugnYLg =U75N -----END PGP SIGNATURE----- _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
