Quantcast

License change agreement

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
49 messages Options
123
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

License change agreement

Rich Salz-3
If you have contributed code to OpenSSL, we'd like you to take a look
at our licensing website, https://license.openssl.org and give approval
to our converting to the Apache Software License.

You can find more details at our most recent blog entry,
https://www.openssl.org/blog

Over the next couple of days we will be sending out emails to as many
people as we can.

Thank you!
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Nathaniel McCallum-5
I'm only a minor contributor. But as I regularly use OpenSSL in other
projects, I wholeheartedly embrace this change. Thank you for the
effort you are putting in to make this happen.

On Thu, Mar 23, 2017 at 10:41 AM, Rich Salz <[hidden email]> wrote:

> If you have contributed code to OpenSSL, we'd like you to take a look
> at our licensing website, https://license.openssl.org and give approval
> to our converting to the Apache Software License.
>
> You can find more details at our most recent blog entry,
> https://www.openssl.org/blog
>
> Over the next couple of days we will be sending out emails to as many
> people as we can.
>
> Thank you!
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Quanah Gibson-Mount
In reply to this post by Rich Salz-3
--On Thursday, March 23, 2017 11:41 AM -0400 Rich Salz <[hidden email]>
wrote:

> If you have contributed code to OpenSSL, we'd like you to take a look
> at our licensing website, https://license.openssl.org and give approval
> to our converting to the Apache Software License.
>
> You can find more details at our most recent blog entry,
> https://www.openssl.org/blog

The major problem with the existing license is that it conflicts with the
GPLv2.  The new license also conflicts with the GPLv2.  This was
immediately brought up as a serious problem when this discussion began in
July of 2015.  It appears that the feedback that the APL does not solve
these serious problems with how OpenSSL was licensed was ignored.  Sad to
see that.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

OpenSSL - Dev mailing list
> The major problem with the existing license is that it conflicts with the GPLv2.

Well, it's one of the problems.  The others includes that it is non-standard, and has an advertising clause.

> The new license also conflicts with the GPLv2.  This was immediately brought
> up as a serious problem when this discussion began in July of 2015.  It
> appears that the feedback that the APL does not solve these serious
> problems with how OpenSSL was licensed was ignored.  Sad to see that.

No it was not ignored.  (Just because we disagree doesn't mean we ignore the feedback.) The team felt that the Apache license better met our needs.

We can't please all parties, unfortunately.
 
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Richard Moore


On 23 March 2017 at 18:04, Salz, Rich via openssl-dev <[hidden email]> wrote:
> The new license also conflicts with the GPLv2.  This was immediately brought
> up as a serious problem when this discussion began in July of 2015.  It
> appears that the feedback that the APL does not solve these serious
> problems with how OpenSSL was licensed was ignored.  Sad to see that.

No it was not ignored.  (Just because we disagree doesn't mean we ignore the feedback.) The team felt that the Apache license better met our needs.


​It's a fairly large elephant in the room that the press release does not address at all though. ​I think it's reasonable to expect some kind of reasoning.

Cheers

Rich.


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Peter Waltenberg

OpenSSL has a LOT of commercial users and contributors. Apache2 they can live with, GPL not so much.
There's also the point that many of the big consumers (like Apache :)) are also under Apache2.

Least possible breakage and I think it's a reasonable compromise. Of course I am biased because I work for the one of the commercial users.

Peter

-----"openssl-dev" <[hidden email]> wrote: -----
To: [hidden email]
From: Richard Moore
Sent by: "openssl-dev"
Date: 03/24/2017 07:34AM
Subject: Re: [openssl-dev] License change agreement



On 23 March 2017 at 18:04, Salz, Rich via openssl-dev <[hidden email]> wrote:
> The new license also conflicts with the GPLv2.  This was immediately brought
> up as a serious problem when this discussion began in July of 2015.  It
> appears that the feedback that the APL does not solve these serious
> problems with how OpenSSL was licensed was ignored.  Sad to see that.

No it was not ignored.  (Just because we disagree doesn't mean we ignore the feedback.) The team felt that the Apache license better met our needs.


​It's a fairly large elephant in the room that the press release does not address at all though. ​I think it's reasonable to expect some kind of reasoning.

Cheers

Rich.

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Quanah Gibson-Mount
--On Friday, March 24, 2017 1:37 AM +0000 Peter Waltenberg
<[hidden email]> wrote:

>
> OpenSSL has a LOT of commercial users and contributors. Apache2 they can
> live with, GPL not so much.
> There's also the point that many of the big consumers (like Apache :))
> are also under Apache2.
>
> Least possible breakage and I think it's a reasonable compromise. Of
> course I am biased because I work for the one of the commercial users.

Zero people that I know of are saying to switch to the GPL.  What is being
pointed out is that the incompatibility with the current OpenSSL license
with the GPLv2 has been a major problem.  Switching to the APLv2 does
nothing to resolve that problem.  As has been noted, the current
advertising is a huge problem with the existing license.  One of the
reasons that has been a big problem is that it makes the license
incompatible with the GPLv2.  So on the one hand, getting rid of that
clause is great.  On the other hand, getting rid of it by switching to the
APL is not great, because it doesn't resolve the fundamental problem of
being incompatible with the GPLv2.

As was noted back when this was brought up in 2015, there are other,
better, licenses than the APLv2 which are also GPLv2 compatible.  The MPLv2
being an example of such a license.  There is also BSD, MIT/X11, etc.  The
GPLv2 incompatibility of OpenSSL is a major problem.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Blumenthal, Uri - 0553 - MITLL
Apache license is fine for me, while GPL could be problematic. Incompatibility with GPLv2 is not a problem for us.

If it is a problem for somebody - feel free to explain the details. Though I think the decision has been made, and the majority is OK with it.

Regards,
Uri

Sent from my iPhone

> On Mar 23, 2017, at 22:27, Quanah Gibson-Mount <[hidden email]> wrote:
>
> --On Friday, March 24, 2017 1:37 AM +0000 Peter Waltenberg <[hidden email]> wrote:
>
>>
>> OpenSSL has a LOT of commercial users and contributors. Apache2 they can
>> live with, GPL not so much.
>> There's also the point that many of the big consumers (like Apache :))
>> are also under Apache2.
>>
>> Least possible breakage and I think it's a reasonable compromise. Of
>> course I am biased because I work for the one of the commercial users.
>
> Zero people that I know of are saying to switch to the GPL.  What is being pointed out is that the incompatibility with the current OpenSSL license with the GPLv2 has been a major problem.  Switching to the APLv2 does nothing to resolve that problem.  As has been noted, the current advertising is a huge problem with the existing license.  One of the reasons that has been a big problem is that it makes the license incompatible with the GPLv2.  So on the one hand, getting rid of that clause is great.  On the other hand, getting rid of it by switching to the APL is not great, because it doesn't resolve the fundamental problem of being incompatible with the GPLv2.
>
> As was noted back when this was brought up in 2015, there are other, better, licenses than the APLv2 which are also GPLv2 compatible.  The MPLv2 being an example of such a license.  There is also BSD, MIT/X11, etc.  The GPLv2 incompatibility of OpenSSL is a major problem.
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Otto Moerbeek
On Fri, Mar 24, 2017 at 04:11:48AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:

> Apache license is fine for me, while GPL could be problematic. Incompatibility with GPLv2 is not a problem for us.
>
> If it is a problem for somebody - feel free to explain the details. Though I think the decision has been made, and the majority is OK with it.

I like to mention that any license change cannot be made based on a
majority vote or any other method other than getting each author (or
its legal representative) to *explicitly* allow the change. The method
of "nothing heard equals consent" is not valid in any jurisdiction I
know of.

While I'm not a contributor (I think I only sent in a small diff years
ago), I would like to stress that the planned relicensing procedure is
not legal and can be challenged in court.

        -Otto
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Marcus Meissner
On Fri, Mar 24, 2017 at 07:48:58AM +0100, Otto Moerbeek wrote:

> On Fri, Mar 24, 2017 at 04:11:48AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
>
> > Apache license is fine for me, while GPL could be problematic. Incompatibility with GPLv2 is not a problem for us.
> >
> > If it is a problem for somebody - feel free to explain the details. Though I think the decision has been made, and the majority is OK with it.
>
> I like to mention that any license change cannot be made based on a
> majority vote or any other method other than getting each author (or
> its legal representative) to *explicitly* allow the change. The method
> of "nothing heard equals consent" is not valid in any jurisdiction I
> know of.
>
> While I'm not a contributor (I think I only sent in a small diff years
> ago), I would like to stress that the planned relicensing procedure is
> not legal and can be challenged in court.

Well, emails were sent yesterday out to _all_ contributors for ack/deny the change.

Ciao, Marcus
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Otto Moerbeek
On Fri, Mar 24, 2017 at 08:21:49AM +0100, Marcus Meissner wrote:

> On Fri, Mar 24, 2017 at 07:48:58AM +0100, Otto Moerbeek wrote:
> > On Fri, Mar 24, 2017 at 04:11:48AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
> >
> > > Apache license is fine for me, while GPL could be problematic. Incompatibility with GPLv2 is not a problem for us.
> > >
> > > If it is a problem for somebody - feel free to explain the details. Though I think the decision has been made, and the majority is OK with it.
> >
> > I like to mention that any license change cannot be made based on a
> > majority vote or any other method other than getting each author (or
> > its legal representative) to *explicitly* allow the change. The method
> > of "nothing heard equals consent" is not valid in any jurisdiction I
> > know of.
> >
> > While I'm not a contributor (I think I only sent in a small diff years
> > ago), I would like to stress that the planned relicensing procedure is
> > not legal and can be challenged in court.
>
> Well, emails were sent yesterday out to _all_ contributors for ack/deny the change.
>
> Ciao, Marcus
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Read the last line of the mail, it says the no reactions equals
consent. That is the illegal part.

        -Otto



--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Kurt Roeckx
On Fri, Mar 24, 2017 at 08:36:02AM +0100, Otto Moerbeek wrote:

> On Fri, Mar 24, 2017 at 08:21:49AM +0100, Marcus Meissner wrote:
>
> > On Fri, Mar 24, 2017 at 07:48:58AM +0100, Otto Moerbeek wrote:
> > > On Fri, Mar 24, 2017 at 04:11:48AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
> > >
> > > > Apache license is fine for me, while GPL could be problematic. Incompatibility with GPLv2 is not a problem for us.
> > > >
> > > > If it is a problem for somebody - feel free to explain the details. Though I think the decision has been made, and the majority is OK with it.
> > >
> > > I like to mention that any license change cannot be made based on a
> > > majority vote or any other method other than getting each author (or
> > > its legal representative) to *explicitly* allow the change. The method
> > > of "nothing heard equals consent" is not valid in any jurisdiction I
> > > know of.
> > >
> > > While I'm not a contributor (I think I only sent in a small diff years
> > > ago), I would like to stress that the planned relicensing procedure is
> > > not legal and can be challenged in court.
> >
> > Well, emails were sent yesterday out to _all_ contributors for ack/deny the change.
>
> Read the last line of the mail, it says the no reactions equals
> consent. That is the illegal part.

The legal advice we got said that we should do our best to contact
people. If we contacted them, they had the possibility to say no.
We will give them time and go over all people that didn't reply to
try to reach them.

But if they don't reply, as said, we will assume they have no
problem with the license change. If at some later point in time
they do come forward and say no, we will deal with that at that
time.


Kurt

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Otto Moerbeek
On Fri, Mar 24, 2017 at 09:40:16AM +0100, Kurt Roeckx wrote:

> On Fri, Mar 24, 2017 at 08:36:02AM +0100, Otto Moerbeek wrote:
> > On Fri, Mar 24, 2017 at 08:21:49AM +0100, Marcus Meissner wrote:
> >
> > > On Fri, Mar 24, 2017 at 07:48:58AM +0100, Otto Moerbeek wrote:
> > > > On Fri, Mar 24, 2017 at 04:11:48AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
> > > >
> > > > > Apache license is fine for me, while GPL could be problematic. Incompatibility with GPLv2 is not a problem for us.
> > > > >
> > > > > If it is a problem for somebody - feel free to explain the details. Though I think the decision has been made, and the majority is OK with it.
> > > >
> > > > I like to mention that any license change cannot be made based on a
> > > > majority vote or any other method other than getting each author (or
> > > > its legal representative) to *explicitly* allow the change. The method
> > > > of "nothing heard equals consent" is not valid in any jurisdiction I
> > > > know of.
> > > >
> > > > While I'm not a contributor (I think I only sent in a small diff years
> > > > ago), I would like to stress that the planned relicensing procedure is
> > > > not legal and can be challenged in court.
> > >
> > > Well, emails were sent yesterday out to _all_ contributors for ack/deny the change.
> >
> > Read the last line of the mail, it says the no reactions equals
> > consent. That is the illegal part.
>
> The legal advice we got said that we should do our best to contact
> people. If we contacted them, they had the possibility to say no.
> We will give them time and go over all people that didn't reply to
> try to reach them.
>
> But if they don't reply, as said, we will assume they have no
> problem with the license change. If at some later point in time
> they do come forward and say no, we will deal with that at that
> time.
>
>
> Kurt

Probably illegal and definitely immoral, in my opinion. Copyright law
exists to protect authors from these kind of practises.

        -Otto
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Blumenthal, Uri - 0553 - MITLL
I personally think this issue is being blown way out of proportion and beyond the boundary of reason.

Regards,
Uri

Sent from my iPhone

> On Mar 24, 2017, at 05:07, Otto Moerbeek <[hidden email]> wrote:
>
>> On Fri, Mar 24, 2017 at 09:40:16AM +0100, Kurt Roeckx wrote:
>>
>>> On Fri, Mar 24, 2017 at 08:36:02AM +0100, Otto Moerbeek wrote:
>>>> On Fri, Mar 24, 2017 at 08:21:49AM +0100, Marcus Meissner wrote:
>>>>
>>>>> On Fri, Mar 24, 2017 at 07:48:58AM +0100, Otto Moerbeek wrote:
>>>>>> On Fri, Mar 24, 2017 at 04:11:48AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
>>>>>>
>>>>>> Apache license is fine for me, while GPL could be problematic. Incompatibility with GPLv2 is not a problem for us.
>>>>>>
>>>>>> If it is a problem for somebody - feel free to explain the details. Though I think the decision has been made, and the majority is OK with it.
>>>>>
>>>>> I like to mention that any license change cannot be made based on a
>>>>> majority vote or any other method other than getting each author (or
>>>>> its legal representative) to *explicitly* allow the change. The method
>>>>> of "nothing heard equals consent" is not valid in any jurisdiction I
>>>>> know of.
>>>>>
>>>>> While I'm not a contributor (I think I only sent in a small diff years
>>>>> ago), I would like to stress that the planned relicensing procedure is
>>>>> not legal and can be challenged in court.
>>>>
>>>> Well, emails were sent yesterday out to _all_ contributors for ack/deny the change.
>>>
>>> Read the last line of the mail, it says the no reactions equals
>>> consent. That is the illegal part.
>>
>> The legal advice we got said that we should do our best to contact
>> people. If we contacted them, they had the possibility to say no.
>> We will give them time and go over all people that didn't reply to
>> try to reach them.
>>
>> But if they don't reply, as said, we will assume they have no
>> problem with the license change. If at some later point in time
>> they do come forward and say no, we will deal with that at that
>> time.
>>
>>
>> Kurt
>
> Probably illegal and definitely immoral, in my opinion. Copyright law
> exists to protect authors from these kind of practises.
>
>    -Otto
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Otto Moerbeek
On Fri, Mar 24, 2017 at 11:53:10AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:

> I personally think this issue is being blown way out of proportion and beyond the boundary of reason.
>
> Regards,
> Uri

Is it reasonable to step on the rights of authors with the backing of
large corporations? Individual authors that might have chosen to
change email address or are unable to be contacted for other reasons?

It is sad to see the corporate giants dictate the policies of yet
another open source project, without regard for the spirit of
copyright law which is to protect the individual author.

        -Otto
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Richard Levitte - VMS Whacker-2
In message <[hidden email]> on Fri, 24 Mar 2017 13:14:35 +0100, Otto Moerbeek <[hidden email]> said:

otto> On Fri, Mar 24, 2017 at 11:53:10AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
otto>
otto> > I personally think this issue is being blown way out of proportion and beyond the boundary of reason.
otto> >
otto> > Regards,
otto> > Uri
otto>
otto> Is it reasonable to step on the rights of authors with the backing of
otto> large corporations? Individual authors that might have chosen to
otto> change email address or are unable to be contacted for other reasons?
otto>
otto> It is sad to see the corporate giants dictate the policies of yet
otto> another open source project, without regard for the spirit of
otto> copyright law which is to protect the individual author.

If I'm reading you correctly, *any* license change faces the exact
same problem.  My interpretation of what you say is that unless we can
successfully reach all contributors, no exception, we're stuck with
the current license, probably for life.

Am I reading you correctly?

--
Richard Levitte         [hidden email]
OpenSSL Project         http://www.openssl.org/~levitte/
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Otto Moerbeek
On Fri, Mar 24, 2017 at 01:29:53PM +0100, Richard Levitte wrote:

> In message <[hidden email]> on Fri, 24 Mar 2017 13:14:35 +0100, Otto Moerbeek <[hidden email]> said:
>
> otto> On Fri, Mar 24, 2017 at 11:53:10AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
> otto>
> otto> > I personally think this issue is being blown way out of proportion and beyond the boundary of reason.
> otto> >
> otto> > Regards,
> otto> > Uri
> otto>
> otto> Is it reasonable to step on the rights of authors with the backing of
> otto> large corporations? Individual authors that might have chosen to
> otto> change email address or are unable to be contacted for other reasons?
> otto>
> otto> It is sad to see the corporate giants dictate the policies of yet
> otto> another open source project, without regard for the spirit of
> otto> copyright law which is to protect the individual author.
>
> If I'm reading you correctly, *any* license change faces the exact
> same problem.  My interpretation of what you say is that unless we can
> successfully reach all contributors, no exception, we're stuck with
> the current license, probably for life.
>
> Am I reading you correctly?

Yes, the default is "no, you're not allowed to change the license", not
"yes, you are allowed".

If you do not have explicit permission, the contribution(s) of an
auther must remain under the existing license or be removed. If you do
no want that, you should rewrite that piece so you can attach your
preferred license as author.

        -Otto
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Richard Moore
In reply to this post by Peter Waltenberg
On 24 March 2017 at 02:26, Quanah Gibson-Mount <[hidden email]> wrote:
--On Friday, March 24, 2017 1:37 AM +0000 Peter Waltenberg <[hidden email]> wrote:


OpenSSL has a LOT of commercial users and contributors. Apache2 they can
live with, GPL not so much.
There's also the point that many of the big consumers (like Apache :))
are also under Apache2.

Least possible breakage and I think it's a reasonable compromise. Of
course I am biased because I work for the one of the commercial users.

Zero people that I know of are saying to switch to the GPL.  What is being pointed out is that the incompatibility with the current OpenSSL license with the GPLv2 has been a major problem.  Switching to the APLv2 does nothing to resolve that problem.  As has been noted, the current advertising is a huge problem with the existing license.  One of the reasons that has been a big problem is that it makes the license incompatible with the GPLv2.  So on the one hand, getting rid of that clause is great.  On the other hand, getting rid of it by switching to the APL is not great, because it doesn't resolve the fundamental problem of being incompatible with the GPLv2.

As was noted back when this was brought up in 2015, there are other, better, licenses than the APLv2 which are also GPLv2 compatible.  The MPLv2 being an example of such a license.  There is also BSD, MIT/X11, etc.  The GPLv2 incompatibility of OpenSSL is a major problem.

​Indeed, I don't think GPL2 itself would be a good choice.

Cheers

Rich.​

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Stephan Seitz
In reply to this post by Richard Levitte - VMS Whacker-2
On Fr, Mär 24, 2017 at 01:29:53 +0100, Richard Levitte wrote:
>If I'm reading you correctly, *any* license change faces the exact
>same problem.  My interpretation of what you say is that unless we can
>successfully reach all contributors, no exception, we're stuck with
>the current license, probably for life.

While I think you’re reading him correctly, I don’t see a big problem.

I mean, if the people you are mailing don’t accept die license change for
their code part you are stuck with the same problem.

If this works the same way as in other projects this code parts have to
be rewritten.

Shade and sweet water!

        Stephan

--
| Public Keys: http://fsing.rootsland.net/~stse/keys.html |

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: License change agreement

Dirk-Willem van Gulik
In reply to this post by Otto Moerbeek

> On 24 Mar 2017, at 13:14, Otto Moerbeek <[hidden email]> wrote:
>
> On Fri, Mar 24, 2017 at 11:53:10AM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
>
>> I personally think this issue is being blown way out of proportion and beyond the boundary of reason.
>>
>> Regards,
>> Uri
>
> Is it reasonable to step on the rights of authors with the backing of
> large corporations?

I personally do not see this as something led, backed or driven by the large corporation.

Rather, I see a community of developers, do a very reasonable, timely and sensible job to get their house in order; adapt to the realities of modern society - and thus allow the community to continue to operate as it wants in a changed world.

We understand a lot more about IPR, CLAs, patens and (software) licenses (their interaction with business and governance processes) than we did 30 years ago.

And just like we consider retiring support for say a PDP-11, AIX or SunOS & old compiler cruft — so do our licenses need maintenance.

>  Individual authors that might have chosen to
> change email address or are unable to be contacted for other reasons?

And as all things in life - this is not a black or white thing - but one where you need to trade one type of risk versus that of another.

Long term health of the community is important; as are old contributions made once to that community. But to an outsider or reasonably observer - neither is done without context or absolute. Total stagnation is as much a risk as blindly pushing through a change unilaterally.

To me it seems that OpenSSL is doing a commendable job trying to find a balance.

And ultimately a large part of the metric of success is wether this community survives; and continues to see the amplification loop of having its code use and thus garnering resources to keep the code usable work. Like bitrot - outdated & outmoded licenses too are an impediment too for this.  Also - know that outsiders who have to access the risks of these license changes won’t see this as a black and white thing - and are perfectly used to trade the advantages of a known license with the residuals of less than perfect provenance. We do that all the time.

With kind regards,

Dw.

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
123
Loading...