On Fri, 4 Jun 2004, Robert Collins wrote:
> Debian cannot distribute squid versions linked with openssl due to the
> openssl licence having issues with GPL programs - unless those programs
> include an 'exception' in their licence statement. (Other ssl enabled
> GPL projects have done this). As I understand it this affects redhat
> suse etc etc as well. (It also includes appliances running squid for
> obvious reasons).
Urk..
Do you have more detailed information on this license conflict? If I
understand correctly it is actually GPL who does not allow linking with
the OpenSSL license due to the (double) advertising clause of OpenSSL and
therefore needs an exception to allow OpenSSL to be linked into the GPL
application even when the OpenSSL license is not strictly GPL compatible.
> We have three basic options:
>
> 1) Ignore it - appliances can't ship with ssl support, distros can't
> ship with ssl support, but users can rebuild their squids if they need.
If my assumption wrt the license conflict above is correct then most
distros can probably argue that they are safe due to OpenSSL today being
considered an integral OS component already expempt from GPL by section 3
in the GPL, but it is a thin line on what is "core component" and what is
"extra".
> 2) Get squid working with GnuTLS which is meant to be an almost-dropin
> replacement for openssl. They apparently have compatability headers
> even.
Interesting. Should not be hard to accomplish I think.
> 3) Get permission from all copyright holders on squid to add an openssl
> exception. (I grant my permission).
Me to, and also MARA Systems.
Regards
Henrik
Received on Thu Jun 03 2004 - 16:39:24 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 30 2004 - 12:00:03 MDT