[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL and TLS questions



[Forwarding because this address isn't subscribed to the list]

----- Forwarded message from owner-mixminion-dev@freehaven.net -----

Date: Mon, 29 Jul 2002 13:53:50 +0200
From: Peter Palfrader <peter@palfrader.org>
To: mixminion-dev@freehaven.net
Subject: Re: SSL and TLS questions

[Ob Introduction: I'm working with Len Sassaman on mixmaster and I'm a
                  Developer with Debian. I've been following this list
                  since mid May. ]

On Mon, 29 Jul 2002, Bodo Moeller wrote:

> > 2) OpenSSL's license is problematic: you can't link it with GPL'd code.=
=20
>=20
> OpenSSL is just a library, and for some systems it has become part of
> the standard OS distribution, so you don't have to worry about this
> that much.  Note that the GPL makes an exception for "anything that is
> normally distributed (in either source or binary form) with the major
> components (compiler, kernel, and so on) of the operating system on
> which the executable runs"; thus you can link OpenSSL with GPLed code
> even though the licenses may be incompatible.

This is not a view that everybody shares. While OpenSSL might be
available for many systems this is still not enough in many people's
opinion.

I recommend to explicitly add an exeption clause if you want to allow
linking against OpenSSL.

|   In addition, as a special exception, [.. the Mixminion Developers .]
|       give permission to link the code of this program with the
|   OpenSSL library (or with modified versions of OpenSSL that use the
|   same license as OpenSSL
           [ listed in the included COPYING.OpenSSL file ]
|                          ), and distribute linked combinations including
|   the two.  You must obey the GNU General Public License in all
|   respects for all of the code used other than OpenSSL.  If you modify
|   this file, you may extend this exception to your version of the
|   file, but you are not obligated to do so.  If you do not wish to
|   do so, delete this exception statement from your version.

[see http://lists.debian.org/debian-legal/2002/debian-legal-200207/msg00563.html,
 http://lists.debian.org/debian-legal/2002/debian-legal-200207/msg00454.html and
 followups. ]

This exception statement explicitly allows linking against OpenSSL.  If
anybody wishes to distribute a pure GPLed version of your software (so
that they can integrate other GPLed software) they can do so because
they may drop this exception. Of course this makes linking against
OpenSSL illegal.

					yours,
					peter

--=20
 PGP signed and encrypted  |  .''`.  ** Debian GNU/Linux **
    messages preferred.    | : :' :      The  universal
                           | `. `'      Operating System
 http://www.palfrader.org/ |   `-    http://www.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9RSzN3nqvbpTAnH8RAkTjAJ9xEZBVCqI2oCG3rhJxkDPXynpWMwCfTK85
uixi58b14rx6ersoXx8IzcM=
=pocP
-----END PGP SIGNATURE-----

----- End forwarded message -----