> >I still find this argument incomprehensible. Are you
> >suggesting that the
> >sole purpose the FreeBSD people develop software is to create this
> >wonderful, powerful "FreeBSD" project? And that anything that doesn't
> >benefit the project with the name "FreeBSD" somehow doesn't matter?
> It would have been better if UCB had simply told GPL "sorry, we aren't
> going to revoke our advert clause" and left it at that. Then a lot of
> work in changing documentation and source files and such in the
> various BSD distributions would have not had to have been done.
What would that have been better? That would have meant that fewer
people
would have been using the software for really no good reason. Don't you want
your software to be used by as many people as possible?
> >Why is the fact that FreeBSD software is now helping
> >more people in more
> >different ways not a good?
> The more people that it's helping did not need the advert clause removed
> to make use of the BSD software.
Again, I find this baffling. Are you saying that removing the
advertising
clause did not actually increase the number of people who were able to
benefit from the software? I thought it was your position that the GPL
people strip mined the software, picking and choosing useful pieces, and I
thought it was your position that they could not (easily) do this with the
advertising clause still there.
> GPL software would help a lot more people if the GPL was modifed,
> if your consistent you would be also advocating this too. I don't
> see that you are. Maybe you should reconsider your real motives
> here.
As I said, I am a huge critic of the GPL. My main complaint is that its
requirements cause the software to benefit far fewer people than they could
otherwise. As a result, many people re-implement rather than re-using,
resulting in buggier software with less features and more incompatibility.
Now there's a case where I'm saying OpenSSL may be doing the same thing, and
you are questioning my motives?!
> > Why do you see the open source community as
> >warring factions so that a benefit for everyone overall doesn't
> >count as a
> >benefit to FreeBSD?
> I don't understand what your talking about here. Perhaps you
> should explain this statement better? What is it exactly that
> you think that I think?
You seem to think that the open source community consists of warring
factions and that it's whose name is on the door that's important rather
than what code is benefitting what people. You seem to say this over and
over. For example, you argue that the GPL people taking code from FreeBSD
doesn't benefit FreeBSD. Who the hell cares what does or doesn't benefit
FreeBSD? It's a bunch of numbers on a computer. Isn't it more important what
benefits *people*?
> >> Of course, there was a lot more to the story than this, but
> >essentially
> >> boiled down, this is what it was.
> >
> > Again, I think that's a seriously warped view
>
> I don't think you have any understanding of the point I made.
I guess not.
> >that
> >ignores the fact that
> >most people who write free open-source software count it as a plus when
> >their software benefits more people and improves the quality of more
> >software, whether or not their project's name is on the door.
> This is really irrelevant to the issue.
Then I guess I have no idea what you think the issue is.
> >> > What is your metric by which success is measured? It's
> >> >obviously not how
> >> >many people use the software and how useful they find it to be.
> >> >
> >> > If GPL people "strip mine" OpenSSL and take the parts
> >> >they consider good
> >> >and leave the parts they consider bad and put together a
> >better and more
> >> >standards-compliant ssl and cryptography library because of it,
> >> >why is that
> >> >not a good thing that should be given weight in the
> >consideration of the
> >> >benefits of making the license more GPL-compatible?
> >
> >> I never said it wasn't.
> >
> > Then why is "FreeBSD did their end, GPL didn't do it's end" even
> >meaningful?
> It was not UCB or the various BSD distributions (of which FreeBSD is the
> major one) who made the pitch to get rid of the advert clause. They
> didn't
> initiate this. The GPL camp was who initiated the getting rid of the
> advert
> clause with the reason given that it would benefit BSD. Since the advert
> clause was removed it has not helped BSD one iota, so the upshot is
> that the GPL camp was basically lying. Granted it may not have
> harmed BSD either to have the advert clause removed, but it certainly was
> an
> insult to the BSD contributors and a hipocritical thing for the GPL
> people to
> agitate for.
This assumes that the goal of BSD is not:
1) To get as many people using its software as possible.
2) To improve the quality of software generally.
These should be the major goals of every open source project.
> You seem to be having difficulty with the simple principle that if you
> want to
> use something that is given to you, you don't criticize the giver and
> demand
> that the thing be given to you in a certain side, shape, color, or
> whatever, or
> it isn't acceptable. It's like the family member that you give a
> Christmas
> present to and they throw it back at you and say "you didn't give it to
> me in
> a red box with candy wrapping paper, go back and rewrap it"
What is more important to you -- benefitting people or benefitting
OpenSSL?
What is the goal of the OpenSSL project? Is it to bring power and glory to
the OpenSSL name? Or is to improve the security and quality of software for
everyone?
To use an analogy to show why your analogy is so off the mark --
consider
if a local charity is building a home for a disabled veteran. You notice
that the staircase they're building is not wide enough for him to get up and
down it due to his handicap, so you tell them how they can make a simple,
easy adjustment so that he can be better accomodated. How is the response,
"he's getting this damn house for free, what right do or anyone have to tell
us how to build it!"
Do you *really* feel that way? That anything anyone gets out of OpenSSL
is
manna from the gods and they have no right to criticize it -- even if simple
changes could bring huge benefits to thousands of people?
Why is the turf war more important to to you than people?
> >> But, that's not OpenSSL's problem. The GPL
> >> people can simply apply the OpenSSL license to whatever product they
> >> create, if they want to strip mine OpenSSL. This isn't a problem if
> >> they are writing fresh code.
> >
> >> It is only a problem (in the GPL's mind) when they want to intermix
> >> existing GPL code that is already licensed under GPL with OpenSSL
> >> code. But what your missing is that virtually all existing GPL code
> >> is copyrighted by the developers that wrote it. Those people can
> >> simply release it under OpenSSL. Don't you understand this about
> >> GPL yet?
> >
> > That's just impossible. Linux, for example, has
> >thousands of contributors.
> >It is utterly impossible to get them all to agree to a new license.
> This is a rediculous argument. Linux is a huge distribution of many many
> many programs. We are only talking about a single project that
> may want to link into OpenSSL.
That single project may itself link to many other projects. That single
project could be the Linux kernel itself.
> And for that matter, OpenSSL itself has many contributors. Why isn't
> it "utterly impossible" to get all those contributors to sign off on the
> proposed license change for OpenSSL in that case?
How do you think this is a response to what I'm saying? I have never
taken
any position or made any argument about how easy or difficult if is for
OpenSSL to make such a change.
> That is easy and it is already covered in the GPL. The relevant
> section is here:
>
> "... If you wish to incorporate parts of the Program into other free
> programs whose distribution conditions are different, write to the author
> to ask for permission. For software which is copyrighted by the Free
> Software Foundation, write to the Free Software Foundation; we sometimes
> make exceptions for this. Our decision will be guided by the two goals of
> preserving the free status of all derivatives of our free software and of
> promoting the sharing and reuse of software generally...."
> You see, all those "thousands of contributors" when they put their stuff
> under
> the GPL they accepted the terms dictated by the FSF for the GPL. One of
> these
> terms is that since the GPL is copyrighted by the FSF, the FSF and no one
> else
> can modfy the GPL, and those mods apply to all those thousands of
> contributors.
If you can cite any legal authority for the proposition that FSF
modifications to the GPL, for programs where copyright is not assigned to
it, modify the grants of copyright, please do so. That seems to me to defy
reason, but courts do sometimes adopt positions that defy reason.
> So all that is necessary for this hypothetical developer to do is write
> the FSF and
> get permission to mod the GPL on the project to incorporate the OpenSSL
> advert
> clause.
If I could believe that, then I would agree with this part of your
argument. However, even if it is true, there would still be the huge
practical problem of people not wanting to rely on it.
> Since as you seem to think the GPL is so in favor of open source, then
> they
> wouldn't have a problem granting this.
Why do you say I seem to think that? Are you just stuffing words in my
mouths?
> >You think it's easy to start over with a project like Linux? Or gcc?
>
> gcc isn't linked into OpenSSL so that's not any valid example. And
> that is GNU/Linux, not Linux. Just ask the FSF.
You are not in any way responding to the substance of my arguments. Of
course gcc isn't linked into OpenSSL, the licenses are incompatible. If gcc
wanted to support a language with cryptographic primitives, the gcc people
would likely have to independently develop them and be unable to benefit
from the fact that the OpenSSL project has already developed and tested that
code. The same argument applies to the Linux kernel, should someone want to
add in-kernel SSL, for example.
> >> All of that is why the BSD license is really the "free"
> >license, the GPL
> >> license is anything but free. Yet, the FSF would have you believe
> >> otherwise and is busy brainwashing everyone they can find.
> >
> > I agree.
> >
> >> The strongest Open Source market is one in which all "free"
> >licenses are
> >> used and nobody is discriminated against. FreeBSD and it's ports
> >> distribution manges to do this very well. OpenSSL's "advert clause"
> >> license has just as much right to be in the Open Source community as
> >> the GPL does. If the GPL camp was willing to work with other licenses
> >> they would figure out how to do it without being a problem for
> >> themselves,
> >> just as FreeBSD figured out how to use GPLized software and many other
> >> more restrictive licenses than that, without contaminating it's own
> >> philosophy.
> >
> > Except the advertising clause stops a lot of people from
> >using OpenSSL, not
> >just the GPL crowd. Forced speech is a much higher price to pay than you
> >might think.
> How exactly does giving credit to the people that created a significant
> part of your product stop you from releasing a product?
It is forced speech. That is, it is something you must say, whether or
not
you agree with it and whether or not you feel it is something appropriate to
say in that context. You must also impose this obligation on others who use
your product, and it becomes an administrative issue that tags along with
the product. This is a major problem for middleware.
If you have a product that might or might not actually use bits of
OpenSSL,
or you have a situation where it's not entirely clear what precise code
segments consitute parts of what products, it can be very hard to figure out
where the clause is required and where it would be lying.
And, of course, it's incompatible with the GPL. So if you happen to be
working on a GPL project, you either can't keep it under the GPL or you
can't use OpenSSL.
> Lots of people are releasing commercial products that are based in
> some part on GPLed code, and they have no problem with the more
> severe restrictions of making their source available, etc. I fail to see
> how a tiny one-line footnote stating:
>
> "This product includes software developed by the OpenSSL Project..."
>
> is going to be a burden for anyone putting together marketing materials
> for a product.
This is an argument based on two sub-arguments. First, the GPL is bad,
so
OpenSSL can't be bad. That's obviously nonsense. The other is an argument
from personal incredulity -- because you can't see how it would be a burden,
it can't really be one, even when there are actually people who are in fact
burdened.
As a trivial example, consider a product that has several versions,
some of
which include parts of OpenSSL and some don't. Consider the problem of
determining what consistitues a "feature of OpenSSL" in the context of
features of software that uses OpenSSL.
> Unless of course, they are wanting to lie to their customers and tell
> their customers that they created the security, and not someone else.
That would be fraud, plain and simple. Anyone who would commit fraud
would
disregard a clause in a license. In any event, I've personally always found
it a plus to say that the guts of the security is handled by OpenSSL because
OpenSSL is vetted and maintained.
> >> The problem is I see most of the GPL-pushers acting exactly like the
> >> Microsquash camp. They have no tolerance for any other licensing
> >> than their own.
> >
> > What does that have to do with the actual issue? Specifically:
> >
> > 1) The advertising clause in OpenSSL is not that
> >important to OpenSSL
> >itself.
> >
>
> Then if it's so unimportant as you claim, then why is it important to the
> people wanting it removed?
This is a complete non-sequiter. Do I really have to come up with an
example for you of how it's possible for something to be very unimportant to
one person and extremely important to another who is differently situated?
> > 2) The advertising clause keeps a lot of people and
> >projects from using
> >OpenSSL.
> I've asked several times how exactly, and why it's a burden, and
> nobody can say. This statement your making that the advert clause
> keeps people from using openssl sounds like one of those made up
> statements that just gets repeated over and over so many times that
> people start thinking it's true.
Again, this is an argument from personal incredulity. Is it your
position
that there is no problem in combining software licensed under the GPL with
software that has a license with an advertising clause? I have never heard
anyone else *ever* take that position. Or is it your position that there
aren't very many GPL'd projects that have need for cryptography or SSL
functionality?
> > 3) More people and projects using OpenSSL would be a
> >major good, improving
> >the quality of software and security overall.
> Yes, but this is irrelevant since the advert clause isn't a block to
> prevent more people from using OpenSSL.
So is it your position that there are no cases where GNUtls was used
instead of OpenSSL because of the advertising clause?
> > Why is the turf war more important than that?
> >
>
> You, not I, are calling it a turf war, a rather negative, charged phrase.
> Is it your intention to make your point based solely on negative slams?
It is my intention to make you understand what you are saying when you
talk
about what "benefits OpenSSL" rather than what benefits people.
> If so then I will stop calling this an "advertising clause" in the
> OpenSSL
> license, and instead call it a more accurate "requirement to give credit"
> Then you can start arguing that it's a good thing to modify the OpenSSL
> license so that you don't have to give any credit to the hard work and
> contributions of the many people that have helped OpenSSL. How
> does that sound now? Not as nice as arguing against "advertising"
It is not a requirement to give credit. It is a prohibition on
advertisements that do not give credit.
If you owned a commercial software company, how would you feel about
hiring
a programmer who insisted that any software that he had worked on, in any
advertisements mentioning features he contributed to, contain a note saying,
"This product contains software developed by Jack Smith". (Assume his name
is Jack Smith.)
> This is a philosophical dispute. Some people don't like the OpenSSL
> license for whatever reason. These people cannot grasp that since
> they didn't write OpenSSL, they really don't have any say in the terms
> of the OpenSSL license. So rather than just suck it up and accept it,
> and deal with it using the mechanisms that are already available to
> do so (such as writing the FSF) these people feel it necessary to
> try to push the OpenSSL project into changing it's license.
That is just incredibly petty. I'm not really capable of composing a
rational response to that other than that if you're going to try to
contribute to benefit the community, you could do so with a positive
attitude toward benefitting the community. You could at least give a shot at
leading the GPL community by example.
> Why is the GPL philosophy of "we don't want to give credit" a more valid
> philosophy than the OpenSSL philosophy of "give credit"?
The philosophy is that people should not be forced to say things they
may
not agree with or may not find appropriate to say in particular forums.
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
