At 5/16/2006 09:55 AM, Bob Beck wrote:
More importantely, as the ssleay license is more free (less
restrictive) than the gpl it allows for OpenSSL's inclusion into things
that can not use the GPL, due to it's restrictions.
I agree that the ssleay license is more free (less restrictive).
I want to be clear: we seek only an *additional* license, not a
replacement license.
In no way would I want OpenSSL to offer GPL as a replacement; rather a dual
license offer could be an option for any project, presuming that said
project owns the copyright to the software. Many projects offer a
dual-license approach. In such a case, a project (be it OpenSSL or some
other project) can offer multiple licenses for their software. In
OpenSSL's case, this could include any number of licenses, including ssleay
and GPL.
For example, my project (Cleversafe) will offer a dual licence of it's
software (a GPL and a commercially-flavored license). OpenSSL works fine
with our commercial license (so long as we adhere to the attribution
requirement), but there are conflicts with our GPL offering. And yes, we
are familiar with the restricts that GPL places over other licenses like
modified BSD, ssleay, etc.
At 5/16/2006 09:56 AM, Brad House wrote:
It's the GPL license that's broken, not OpenSSL. I believe the main
reason that you cannot link with OpenSSL's license is because of the
BSD with credit/advertising clause.
That's correct, according to my understanding.
The BSD license gives you much
more freedom though, especially with commercial applications which
would not be possible with GPL.
Yes. Further a pure, modified-BSD license has no restrictions with GPL,
either. OpenSSL does not provide such a license. We use several
modified-BSD integrations with our GPL-based distribution with no
restrictions. OpenSSL is not one of them. (Fyi: Apache-based licenses
present a similar problem: Apache works fine with our commercial
distribution but not with our GPL flavor.)
If you absolutely require a GPL licensed crypto library, use GNUTLS
and friends.
Actually we want a library that can work for both our commercially- and
GPL-based distributions. Neither GnuTLS nor OpenSSL does this as well as
we would like. Mozilla NSS seems to fit the bill. We currently have
OpenSSL integrated with our code and would prefer not to have to convert
over to Mozilla NSS if we can avoid it.
At 5/16/2006 09:49 AM, Richard Salz wrote:
OpenSSL is derived from SSLeay, and the authors of that original code will
not change their license, so moving OpenSSL to GPL is currently
impossible.
Complaints to /dev/null; it should be enough that we have *any* open
source implementation.
/r$
No complaints here. I'm simply investigating my project's options.
So to reiterate the question that I should have probably clarified in my
original email:
Would OpenSSL have any interest in _adding_ GPL to their license offerings
(along with the existing, ssleay-related license(s)) in a
dual/multiple-license mode?
In any case, my project is quite grateful to have OpenSSL as an development
option, and thanks the OpenSSL project members for providing such a
valuable and robust product and service to the community at large.
-Matt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
