Stephen Hurd
2015-03-17 21:29:27 UTC
A person porting my project to Debian has cited the following blog post
as a reason to exclude any software integrating Cryptlib from Debian
packages. It appears that nobody has actually asked about these issues
though.
Does the license concern have any merit (the other concerns don't really
concern me)?
https://www.debian-administration.org/users/dkg/weblog/74
Relevant copy/paste:
However, a significant portion of the cryptlib codebase (particularly
within the bn/ and crypt/ directories) appears to derive directly from
OpenSSL, and it retains Eric Young's copyright and licensing. This
licensing retains the so-called "advertising clause" that is generally
acknowledged to be deliberately incompatible with the GPL
<http://people.gnome.org/%7Emarkmc/openssl-and-the-gpl.html>. (A common
counterargument for this incompatibility is that OpenSSL should be
considered a "System Library" for GPL
<http://www.gnu.org/licenses/gpl.html>'ed tools that link against it;
whether or not you believe this for tools linked against OpenSSL, this
counterargument clearly does not hold for a project that embeds and
ships OpenSSL code directly, as CryptLib does)
This does not mean that CryptLib is not free software (it is!), nor does
it mean that you cannot link it against GPL'ed code (you can!). However,
you probably can't /distribute/ the results of linking CryptLib against
any GPL'ed code, because the GPL is incompatible with the OpenSSL license.
_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.
as a reason to exclude any software integrating Cryptlib from Debian
packages. It appears that nobody has actually asked about these issues
though.
Does the license concern have any merit (the other concerns don't really
concern me)?
https://www.debian-administration.org/users/dkg/weblog/74
Relevant copy/paste:
However, a significant portion of the cryptlib codebase (particularly
within the bn/ and crypt/ directories) appears to derive directly from
OpenSSL, and it retains Eric Young's copyright and licensing. This
licensing retains the so-called "advertising clause" that is generally
acknowledged to be deliberately incompatible with the GPL
<http://people.gnome.org/%7Emarkmc/openssl-and-the-gpl.html>. (A common
counterargument for this incompatibility is that OpenSSL should be
considered a "System Library" for GPL
<http://www.gnu.org/licenses/gpl.html>'ed tools that link against it;
whether or not you believe this for tools linked against OpenSSL, this
counterargument clearly does not hold for a project that embeds and
ships OpenSSL code directly, as CryptLib does)
This does not mean that CryptLib is not free software (it is!), nor does
it mean that you cannot link it against GPL'ed code (you can!). However,
you probably can't /distribute/ the results of linking CryptLib against
any GPL'ed code, because the GPL is incompatible with the OpenSSL license.
_______________________________________________
Cryptlib mailing list
***@mbsks.franken.deAdministration via Mail: cryptlib-***@mbsks.franken.de
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.