commercial OpenSSL use

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

commercial OpenSSL use

Alan Wolfe
Hi!
 
I'm making a commercial application for windows which uses libcurl.
 
This build of libcurl I'm usings links to both zlib and openssl.
 
I know libcurl and zlib themselves are fine for us to use commercially but OpenSSL seemed a little more grey.
 
It seems like it's ok to use OpenSSL commercially so long as this file is included along with the application:
 
 
would that be correct?
 
Thanks so much!
Alan
Reply | Threaded
Open this post in threaded view
|

RE: commercial OpenSSL use

Ted Mittelstaedt
It is fine to use OpenSSL as long as the instructions IN that license are followed, note:
 
"...All advertising materials mentioning features ..."
 
That is pretty broad.  Basically, if your commercial application has a
spec sheet or other sheet that is distributed as part of an advertisement
of the product (available on the website for download, or whatever) that
lists a line item of a feature that your software has which is dependent on
use of OpenSSL, you must follow the:
 
"This product includes software developed by the OpenSSL Project
    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
restriction, PLUS:
 
 "This product includes cryptographic software written by
*     Eric Young ([hidden email])"
*    The word 'cryptographic' can be left out if the rouines from the library
*    being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
*    the apps directory (application code) you must include an acknowledgement:
*    "This product includes software written by Tim Hudson ([hidden email])"
those restrictions as well.
 
Make sure your marketing people are informed, and make sure that your
company lawyer impresses on your director of marketing the importance
of following the license, regardless of their own opinions of how "cluttered"
these additions make a particular piece of advertising.
 
It's a pretty easy set of instructions to follow in the license, IMHO.  The
problem you run into is these stupid graphic artists that companies seem
to employ who create a lot of marketing slicks, and care mostly about
getting a particular "look" in the slick, and don't give a damn about anything
else.
 
Ted
-----Original Message-----
From: [hidden email] [mailto:[hidden email]]On Behalf Of Alan Wolfe
Sent: Wednesday, July 16, 2008 4:46 PM
To: [hidden email]
Subject: commercial OpenSSL use

Hi!
 
I'm making a commercial application for windows which uses libcurl.
 
This build of libcurl I'm usings links to both zlib and openssl.
 
I know libcurl and zlib themselves are fine for us to use commercially but OpenSSL seemed a little more grey.
 
It seems like it's ok to use OpenSSL commercially so long as this file is included along with the application:
 
 
would that be correct?
 
Thanks so much!
Alan
Reply | Threaded
Open this post in threaded view
|

Re: commercial OpenSSL use

Alan Wolfe
Thats kind of difficult because we are making a retail video game that uses libcurl to talk http for one of the minor features the game has.

We've already had commercials on tv and tons of advertisements go out.

It seems like pretty tough guidelines to have all advertisement materials say this.

I'm a coder so i know where the license is coming from but from a practical standpoint i know I couldn't convince my company to do this in tv commercials, magazine adds etc.  I know they would be ok to put something in the credits but aparently that's not enough here.

Growl I guess i'm going to have to find an alternative ):

Thanks for your help



On Wed, Jul 16, 2008 at 11:52 PM, Ted Mittelstaedt <[hidden email]> wrote:
It is fine to use OpenSSL as long as the instructions IN that license are followed, note:
 
"...All advertising materials mentioning features ..."
 
That is pretty broad.  Basically, if your commercial application has a
spec sheet or other sheet that is distributed as part of an advertisement
of the product (available on the website for download, or whatever) that
lists a line item of a feature that your software has which is dependent on
use of OpenSSL, you must follow the:
 
"This product includes software developed by the OpenSSL Project
    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
restriction, PLUS:
 
 "This product includes cryptographic software written by
*     Eric Young ([hidden email])"
*    The word 'cryptographic' can be left out if the rouines from the library
*    being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
*    the apps directory (application code) you must include an acknowledgement:
*    "This product includes software written by Tim Hudson ([hidden email])"
those restrictions as well.
 
Make sure your marketing people are informed, and make sure that your
company lawyer impresses on your director of marketing the importance
of following the license, regardless of their own opinions of how "cluttered"
these additions make a particular piece of advertising.
 
It's a pretty easy set of instructions to follow in the license, IMHO.  The
problem you run into is these stupid graphic artists that companies seem
to employ who create a lot of marketing slicks, and care mostly about
getting a particular "look" in the slick, and don't give a damn about anything
else.
 
Ted
-----Original Message-----
From: [hidden email] [mailto:[hidden email]]On Behalf Of Alan Wolfe
Sent: Wednesday, July 16, 2008 4:46 PM
To: [hidden email]
Subject: commercial OpenSSL use

Hi!
 
I'm making a commercial application for windows which uses libcurl.
 
This build of libcurl I'm usings links to both zlib and openssl.
 
I know libcurl and zlib themselves are fine for us to use commercially but OpenSSL seemed a little more grey.
 
It seems like it's ok to use OpenSSL commercially so long as this file is included along with the application:
 
 
would that be correct?
 
Thanks so much!
Alan

Reply | Threaded
Open this post in threaded view
|

Re: commercial OpenSSL use

Chris Clark
Hi Alan,

If you re-read below you will see it says this:

If...advertisement of the product... that lists a line item of a
feature that your software has which is dependent on use of OpenSSL,
you must follow the...

So if your advertisement does not list any encryption or other
features provided by OpenSSl, there is no problem.

-Chris


On 7/17/08, Alan Wolfe <[hidden email]> wrote:

> Thats kind of difficult because we are making a retail video game that uses
> libcurl to talk http for one of the minor features the game has.
>
> We've already had commercials on tv and tons of advertisements go out.
>
> It seems like pretty tough guidelines to have all advertisement materials
> say this.
>
> I'm a coder so i know where the license is coming from but from a practical
> standpoint i know I couldn't convince my company to do this in tv
> commercials, magazine adds etc.  I know they would be ok to put something in
> the credits but aparently that's not enough here.
>
> Growl I guess i'm going to have to find an alternative ):
>
> Thanks for your help
>
>
>
>
> On Wed, Jul 16, 2008 at 11:52 PM, Ted Mittelstaedt <[hidden email]>
> wrote:
> >
> >
> > It is fine to use OpenSSL as long as the instructions IN that license are
> followed, note:
> >
> > "...All advertising materials mentioning features ..."
> >
> > That is pretty broad.  Basically, if your commercial application has a
> > spec sheet or other sheet that is distributed as part of an advertisement
> > of the product (available on the website for download, or whatever) that
> > lists a line item of a feature that your software has which is dependent
> on
> > use of OpenSSL, you must follow the:
> >
> > "This product includes software developed by the OpenSSL Project
> >     for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
> >
> > restriction, PLUS:
> >
> >  "This product includes cryptographic software written by
> > *     Eric Young ([hidden email])"
> > *    The word 'cryptographic' can be left out if the rouines from the
> library
> > *    being used are not cryptographic related :-).
> > * 4. If you include any Windows specific code (or a derivative thereof)
> from
> > *    the apps directory (application code) you must include an
> acknowledgement:
> > *    "This product includes software written by Tim Hudson
> ([hidden email])"
> >
> > those restrictions as well.
> >
> > Make sure your marketing people are informed, and make sure that your
> > company lawyer impresses on your director of marketing the importance
> > of following the license, regardless of their own opinions of how
> "cluttered"
> > these additions make a particular piece of advertising.
> >
> > It's a pretty easy set of instructions to follow in the license, IMHO.
> The
> > problem you run into is these stupid graphic artists that companies seem
> > to employ who create a lot of marketing slicks, and care mostly about
> > getting a particular "look" in the slick, and don't give a damn about
> anything
> > else.
> >
> > Ted
> >
> >
> >
> >
> > -----Original Message-----
> > From: [hidden email]
> [mailto:[hidden email]]On Behalf Of Alan
> Wolfe
> > Sent: Wednesday, July 16, 2008 4:46 PM
> > To: [hidden email]
> > Subject: commercial OpenSSL use
> >
> >
> > Hi!
> >
> > I'm making a commercial application for windows which uses libcurl.
> >
> > This build of libcurl I'm usings links to both zlib and openssl.
> >
> > I know libcurl and zlib themselves are fine for us to use commercially but
> OpenSSL seemed a little more grey.
> >
> > It seems like it's ok to use OpenSSL commercially so long as this file is
> included along with the application:
> >
> > http://www.openssl.org/source/license.html
> >
> > would that be correct?
> >
> > Thanks so much!
> > Alan
>
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: commercial OpenSSL use

Alan Wolfe
Oops, I totally missed that.
 
Thanks for clearing that up, I see now in the license where it mentions that caevat about advertisement materials.
 
Thank you so much for your help Chris and Ted!
On Thu, Jul 17, 2008 at 8:49 AM, Chris Clark <[hidden email]> wrote:
Hi Alan,

If you re-read below you will see it says this:

If...advertisement of the product... that lists a line item of a
feature that your software has which is dependent on use of OpenSSL,
you must follow the...

So if your advertisement does not list any encryption or other
features provided by OpenSSl, there is no problem.

-Chris


On 7/17/08, Alan Wolfe <[hidden email]> wrote:
> Thats kind of difficult because we are making a retail video game that uses
> libcurl to talk http for one of the minor features the game has.
>
> We've already had commercials on tv and tons of advertisements go out.
>
> It seems like pretty tough guidelines to have all advertisement materials
> say this.
>
> I'm a coder so i know where the license is coming from but from a practical
> standpoint i know I couldn't convince my company to do this in tv
> commercials, magazine adds etc.  I know they would be ok to put something in
> the credits but aparently that's not enough here.
>
> Growl I guess i'm going to have to find an alternative ):
>
> Thanks for your help
>
>
>
>
> On Wed, Jul 16, 2008 at 11:52 PM, Ted Mittelstaedt <[hidden email]>
> wrote:
> >
> >
> > It is fine to use OpenSSL as long as the instructions IN that license are
> followed, note:
> >
> > "...All advertising materials mentioning features ..."
> >
> > That is pretty broad.  Basically, if your commercial application has a
> > spec sheet or other sheet that is distributed as part of an advertisement
> > of the product (available on the website for download, or whatever) that
> > lists a line item of a feature that your software has which is dependent
> on
> > use of OpenSSL, you must follow the:
> >
> > "This product includes software developed by the OpenSSL Project
> >     for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
> >
> > restriction, PLUS:
> >
> >  "This product includes cryptographic software written by
> > *     Eric Young ([hidden email])"
> > *    The word 'cryptographic' can be left out if the rouines from the
> library
> > *    being used are not cryptographic related :-).
> > * 4. If you include any Windows specific code (or a derivative thereof)
> from
> > *    the apps directory (application code) you must include an
> acknowledgement:
> > *    "This product includes software written by Tim Hudson
> ([hidden email])"
> >
> > those restrictions as well.
> >
> > Make sure your marketing people are informed, and make sure that your
> > company lawyer impresses on your director of marketing the importance
> > of following the license, regardless of their own opinions of how
> "cluttered"
> > these additions make a particular piece of advertising.
> >
> > It's a pretty easy set of instructions to follow in the license, IMHO.
> The
> > problem you run into is these stupid graphic artists that companies seem
> > to employ who create a lot of marketing slicks, and care mostly about
> > getting a particular "look" in the slick, and don't give a damn about
> anything
> > else.
> >
> > Ted
> >
> >
> >
> >
> > -----Original Message-----
> > From: [hidden email]
> [mailto:[hidden email]]On Behalf Of Alan
> Wolfe
> > Sent: Wednesday, July 16, 2008 4:46 PM
> > To: [hidden email]
> > Subject: commercial OpenSSL use
> >
> >
> > Hi!
> >
> > I'm making a commercial application for windows which uses libcurl.
> >
> > This build of libcurl I'm usings links to both zlib and openssl.
> >
> > I know libcurl and zlib themselves are fine for us to use commercially but
> OpenSSL seemed a little more grey.
> >
> > It seems like it's ok to use OpenSSL commercially so long as this file is
> included along with the application:
> >
> > http://www.openssl.org/source/license.html
> >
> > would that be correct?
> >
> > Thanks so much!
> > Alan
>
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: commercial OpenSSL use

Ted Mittelstaedt
In reply to this post by Alan Wolfe
 
>tough guidelines to have all advertisement materials say this
 
Is this 'minor feature' listed in -all- advertising materials?  The OpenSSL
attributions only need to be in advertising that lists the specific feature
dependent on it, would that be -all- advertising your company is doing?
I would doubt it.
 
Back of the box and in the manual is where most product minor features would
be advertised.
 
Ted
-----Original Message-----
From: [hidden email] [mailto:[hidden email]]On Behalf Of Alan Wolfe
Sent: Thursday, July 17, 2008 8:23 AM
To: [hidden email]
Subject: Re: commercial OpenSSL use

Thats kind of difficult because we are making a retail video game that uses libcurl to talk http for one of the minor features the game has.

We've already had commercials on tv and tons of advertisements go out.

It seems like pretty tough guidelines to have all advertisement materials say this.

I'm a coder so i know where the license is coming from but from a practical standpoint i know I couldn't convince my company to do this in tv commercials, magazine adds etc.  I know they would be ok to put something in the credits but aparently that's not enough here.

Growl I guess i'm going to have to find an alternative ):

Thanks for your help



On Wed, Jul 16, 2008 at 11:52 PM, Ted Mittelstaedt <[hidden email]> wrote:
It is fine to use OpenSSL as long as the instructions IN that license are followed, note:
 
"...All advertising materials mentioning features ..."
 
That is pretty broad.  Basically, if your commercial application has a
spec sheet or other sheet that is distributed as part of an advertisement
of the product (available on the website for download, or whatever) that
lists a line item of a feature that your software has which is dependent on
use of OpenSSL, you must follow the:
 
"This product includes software developed by the OpenSSL Project
    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
restriction, PLUS:
 
 "This product includes cryptographic software written by
*     Eric Young ([hidden email])"
*    The word 'cryptographic' can be left out if the rouines from the library
*    being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
*    the apps directory (application code) you must include an acknowledgement:
*    "This product includes software written by Tim Hudson ([hidden email])"
those restrictions as well.
 
Make sure your marketing people are informed, and make sure that your
company lawyer impresses on your director of marketing the importance
of following the license, regardless of their own opinions of how "cluttered"
these additions make a particular piece of advertising.
 
It's a pretty easy set of instructions to follow in the license, IMHO.  The
problem you run into is these stupid graphic artists that companies seem
to employ who create a lot of marketing slicks, and care mostly about
getting a particular "look" in the slick, and don't give a damn about anything
else.
 
Ted
-----Original Message-----
From: [hidden email] [mailto:[hidden email]]On Behalf Of Alan Wolfe
Sent: Wednesday, July 16, 2008 4:46 PM
To: [hidden email]
Subject: commercial OpenSSL use

Hi!
 
I'm making a commercial application for windows which uses libcurl.
 
This build of libcurl I'm usings links to both zlib and openssl.
 
I know libcurl and zlib themselves are fine for us to use commercially but OpenSSL seemed a little more grey.
 
It seems like it's ok to use OpenSSL commercially so long as this file is included along with the application:
 
 
would that be correct?
 
Thanks so much!
Alan