On Thu, Mar 23, 2017 at 10:18:26AM -0600, Theo de Raadt wrote:
> Lots of people have been receiving emails like the one below.
> Date: Wed, 22 Mar 2017 16:48:10 -0400
> From: lice...@openssl.org
> To: dera...@cvs.openbsd.org
> Subject: OpenSSL License change
> Message-ID: <20170322204810.ra49wtmwn%lice...@openssl.org>
> User-Agent: s-nail v14.8.6
> Status: O
> Hello!
> This mail is coming from the OpenSSL development team.
> This is a pre-release email before we "go public."  In particular,
> the most recent blog entry, listed below, is not yet available.  But we
> thought, as an important downstream fork, that we'd give you the courtesy
> of participating early.
> We are working to change the license for OpenSSL. We want to move from
> the current license (which is custom-written and has some uncommon
> requirements on end-users), to the widely-accepted and common 
> Apache License (version 2).  You can find some explanation in
> our blog entries:

Thinking some more about it, the step from "custom written licence, weird
wording" into "Apache 2, wide-spread and acceptable" is very hypocritical.

If I understand things correctly, it's mainly a specific choice from one
guy, and I believe it should be scrutinized more: why choose the
Apache License v2, which is very controversial, instead of a more widely
accepted license, such as the 2 clause BSD / ISC license ?   

I would very much like to know if this is a misguided clueless
attempt to simplify things (we're talking about openssl, so this
wouldn't be too far-fetched), or whether there's an actual further
agenda pushed by some organisation with deep pockets which is ready
to "sponsor" some openssl developers if they manage to get things
moving in the right direction.


Reply via email to