On 2021-02-22 Daiki Ueno <[email protected]> wrote: > For now the LICENSE file says:
> Since GnuTLS version 3.1.10, the core library is released under > the GNU Lesser General Public License (LGPL) version 2.1 or later > (see doc/COPYING.LESSER for the license terms). > but later on: > Note, however, that the nettle and the gmp libraries which are > GnuTLS dependencies, they are distributed under a LGPLv3+ or GPLv2+ dual > license. As such binaries linking to them need to adhere to either LGPLv3+ > or the GPLv2+ license. > I'm wondering if it would cause any problem to explicitly license the > core library as a LGPLv3+ or GPLv2+ dual license. Does anyone know of > any use-case where LGPLv2 is required? [...] Hello, I have forwarded this to debian-legal, trying to get some feedback, Walter Landry replied with: | I think this is OK for Debian. The only tricky clause is Section 4 of | LGPL 3. GMP would already make this apply to all of the programs that | use GnuTLS. I think the difference, if any, would be what exactly is | required if someone wanted to modify GnuTLS. That is not an issue for | Debian, since Debian releases source code for everything. | [disclaimer] Personally I would prefer if yu did not change the license, for the simple reason that (LGPLv3+ or GPLv2+ dual license) is a lot more complicated than LGPLv2.1+# cu Andreas _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
