%% Rich Salz <[EMAIL PROTECTED]> writes:
>> With the Debian policy it is not allowed to include nonfree
>> software. nonfree software has to go into the nonfree section.
rs> The problem with this policy -- particularly for OpenSSL -- is
rs> that "free" is very much a "localized" term. Do you mean only
rs> patents, or do you care about trademarks, crypto regulations,
rs> trade secrets, etc? For every single country in the world, only
rs> those in the UN, or what?
The Debian dichotomy between packages which go in "free" vs. those in
"non-free" is typically based solely on licensing terms. If the
software license gives users rights that meet the Debian Free Software
Guidelines, then the Debian package for that software is placed in the
"free" area. If not, it's placed in "non-free".
http://www.debian.org/social_contract#guidelines
rs> Do you care about contributory infringement, providing independant
rs> parts that, when applied together, violate a patent?
As with everyone else, Debian doesn't worry about infringement it
doesn't know about. If and when someone holding a patent notifies the
author (or copyright holder) of some software that it may infringe, they
will decide what to do about that. If the result means that the package
is no longer suitable for packaging in Debian, it will be removed.
If there is potential infringement stated in the documentation or
licensing, then that could disqualify the package from going in the
"free" area of Debian (or, perhaps, from being packaged for Debian at
all, depending on the circumstances).
rs> Has anyone ever done a patent clearance search to check for
rs> infringements?
No, and due to the absolutely brilliant way the U.S. patent system
works, I advise against anyone attempting to do this, or using the
patent system (at least the U.S. patent system) as a research tool of
any kind, for any purpose (at least in the U.S.). Note, IANAL.
Yes, I'm well aware that this completely nullifies the constitutional
purpose for having a patent system. Welcome to the wonderful world of
U.S. law.
rs> I am worried that Debian is using a broad brush to capture only
rs> the simple and obvious items. By doing this, they run the risk of
rs> opening themselves up to liability from an intellectual property
rs> owner.
rs> The approach taken by OpenSSL -- we know of these, there may be
rs> others, good luck -- is far safer and far more accurate. Perhaps
rs> not surprisingly, it is similar to the approach taken by W3C and
rs> IETF. You might want to reconsider your policies and practices,
rs> for your own sake.
I'm not sure I understand your concern, but I would like to.
Note that the distinction, in Debian, between "free" and "non-free" is
purely based on the license (as above), and further doesn't have any
significant impact to the average user. Both free and non-free packages
are available for download and installation in precisely the same
manner, with no real discrimination between them. You merely have to
add an extra line in your package setup tool to say you want it to
search the "non-free" packages as well.
Mainly, it's a categorization device intended to allow purists, who want
to use only free software (as defined by the DFSG, of course), a simple
way to accomplish that goal.
--
-------------------------------------------------------------------------------
Paul D. Smith <[EMAIL PROTECTED]> Network Management Development
"Please remain calm...I may be mad, but I am a professional." --Mad Scientist
-------------------------------------------------------------------------------
These are my opinions---Nortel Networks takes no responsibility for them.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
