OpenSSL has a LOT of commercial users and contributors. Apache2 they can live with, GPL not so much.
There's also the point that many of the big consumers (like Apache :)) are also under Apache2.

Least possible breakage and I think it's a reasonable compromise. Of course I am biased because I work for the one of the commercial users.


-----"openssl-dev" <> wrote: -----
From: Richard Moore
Sent by: "openssl-dev"
Date: 03/24/2017 07:34AM
Subject: Re: [openssl-dev] License change agreement

On 23 March 2017 at 18:04, Salz, Rich via openssl-dev <> wrote:
> The new license also conflicts with the GPLv2.  This was immediately brought
> up as a serious problem when this discussion began in July of 2015.  It
> appears that the feedback that the APL does not solve these serious
> problems with how OpenSSL was licensed was ignored.  Sad to see that.

No it was not ignored.  (Just because we disagree doesn't mean we ignore the feedback.) The team felt that the Apache license better met our needs.

​It's a fairly large elephant in the room that the press release does not address at all though. ​I think it's reasonable to expect some kind of reasoning.



openssl-dev mailing list
To unsubscribe:

openssl-dev mailing list
To unsubscribe:

Reply via email to