Thanks for raising this issue. On Fri, Jun 24, 2011 at 04:47:56PM +1200, Dan Wallis wrote: > First off, apologies if I'm out of place in sending you this, or if > it's already been discussed here before. I did search the archives > [0], but didn't see any mention of this particular suggestion.
> As I understand things, there's currently a stalemate between the > Debian policy, and the package author. I can see in the Ubuntu bug > report [1] that there is what appears to be a well-written solution, > with which the package author agrees, in comment #86 [2]. I am not a > lawyer however, so would like to get the go-ahead from debian-legal. > Does this logic seem sound from a legal point-of-view? > Following on with that idea, would something as simple as the attached > patch be sufficient to resolve this stalemate? If not, could you > perhaps suggest suitable wording? No, it would not. Indicating in user-facing documentation that it is recommended to use OpenSSL is not equivalent to granting distributors permission to distribute binaries linked with OpenSSL as part of an OS. However, in reading the bug log my understanding is the upstream author's position is that the GPL does not require dynamically-linked libraries to be distributed under the same license terms. I don't believe this is an accurate interpretation of the GPL as written, but if Jean-Yves is the sole copyright holder of the work, then this is a clarification of the intended license, which I believe is sufficient for Debian's purposes. If there are other copyright holders, we would need to get similar clarification of intent, or an OpenSSL linking exception, from each of them. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature
