Re: CUPS is now linked against OpenSSL (and will stay GPLv2-only)

Le mardi, 28 janvier 2014, 16.07:34 Daniel Kahn Gillmor a écrit : > On Sun 2013-12-22 14:12:40 -0500, Andreas Metzler wrote: > > #3 Hope that GMP is relicensed to GPL2+/LGPLv3+ > > On Tue 2014-01-14 04:53:51 -0500, Didier 'OdyX' Raboud wrote: > > 2) GnuTLS > > > >2.x is useable but deprecated

Re: CUPS is now linked against OpenSSL (and will stay GPLv2-only)

On Sun 2013-12-22 14:12:40 -0500, Andreas Metzler wrote: > #3 Hope that GMP is relicensed to GPL2+/LGPLv3+ On Tue 2014-01-14 04:53:51 -0500, Didier 'OdyX' Raboud wrote: > 2) GnuTLS >2.x is useable but deprecated, 3.x is GPLv3+ through GMP. We're back >to "talk to the FSF to license GMP b

Re: CUPS is now linked against OpenSSL

On Mon, Jan 13, 2014 at 11:03:04PM -0500, Daniel Kahn Gillmor wrote: > Alternately, does anyone know anyone from the polarssl community who we > could cajole into patching that TLS implementation into CUPS? I'd like to point out that PolarSSL doesn't correctly implement TLS 1.0 since it doesn't su

Re: CUPS is now linked against OpenSSL

On Tue, 14 Jan 2014, Jakub Wilk wrote: > * Daniel Kahn Gillmor , 2014-01-13, 23:03: > >if the only axis we're measuring along is cryptographic security, > >then protecting against passive attackers (eavesdroppers) is > >clearly better than not doing so. > > > >but if people think that CUPS' TLS pro

Re: CUPS is now linked against OpenSSL

* Daniel Kahn Gillmor , 2014-01-13, 23:03: if the only axis we're measuring along is cryptographic security, then protecting against passive attackers (eavesdroppers) is clearly better than not doing so. but if people think that CUPS' TLS protects them against active attackers, and they use t

Re: CUPS is now linked against OpenSSL (and will stay GPLv2-only)

On Tue, Jan 14, 2014 at 10:53 AM, Didier 'OdyX' Raboud wrote: > Le lundi, 13 janvier 2014, 17.38:12 Didier Raboud a écrit : >> Le samedi, 11 janvier 2014, 14.22:28 Daniel Kahn Gillmor a écrit : >> > 0) ask CUPS to move from GPL2 to GPL2+ (with or without OpenSSL >> > exception) >> >> As askin

Re: CUPS is now linked against OpenSSL (and will stay GPLv2-only)

Le mardi, 14 janvier 2014, 10.53:51 Didier '' Raboud a écrit : > 3) Apple CDSA / libsecurity >From [1], this is currently being deprecated by Apple from OSX >v10.7. Meh. The link should have been https://developer.apple.com/library/mac/documentation/security/conceptual/cryptoservices/CDSA

Re: CUPS is now linked against OpenSSL (and will stay GPLv2-only)

Le lundi, 13 janvier 2014, 17.38:12 Didier Raboud a écrit : > Le samedi, 11 janvier 2014, 14.22:28 Daniel Kahn Gillmor a écrit : > > 0) ask CUPS to move from GPL2 to GPL2+ (with or without OpenSSL > > exception) > > As asking generally can't hurt, I have filed > https://cups.org/str.php?L4337

Re: CUPS is now linked against OpenSSL

On 01/13/2014 11:38 AM, Didier 'OdyX' Raboud wrote: > That would be quite a bold move to take. The one aspect that puzzles me > most is: in which ways "no TLS security" is better than "incompletely > secure TLS"? if the only axis we're measuring along is cryptographic security, then protecting

Re: CUPS is now linked against OpenSSL

Hi Daniel, and thanks for the insightful response, Le samedi, 11 janvier 2014, 14.22:28 Daniel Kahn Gillmor a écrit : > There is a fourth way forward -- loath though i am to propose it -- > which is to avoid enabling TLS in CUPS at all until upstream gets > their act together and does something se

Re: CUPS is now linked against OpenSSL

Hi Ian, On Sonntag, 12. Januar 2014, Ian Jackson wrote: > The argument I would make (because I believe in it) is that lack of > good cryptographic software is a bigger threat to the freedom of users > than tivoisation (and, the other downsides of GPLv2 compared to v3). absolutly agreed! Please go

Re: CUPS is now linked against OpenSSL

Russ Allbery writes ("Re: CUPS is now linked against OpenSSL"): > Isn't GMP an official GNU project? I thought the FSF had an > organization-wide policy to relicense all of their packages to v3 or > later. Perhaps we might be able to persaude them to make an exception for

Re: CUPS is now linked against OpenSSL

Daniel Kahn Gillmor writes: > On 01/11/2014 02:22 PM, Daniel Kahn Gillmor wrote: >> 1) ask GMP to switch back from LGPLv3+ to LGPLv2+ (it made the change >> in 4.2.2). Does anyone have a strong > Bah. This was supposed to say "Does anyone have a strong relationship > with GMP maintainers who

Re: CUPS is now linked against OpenSSL

On 01/11/2014 02:22 PM, Daniel Kahn Gillmor wrote: > 1) ask GMP to switch back from LGPLv3+ to LGPLv2+ (it made the change > in 4.2.2). Does anyone have a strong Bah. This was supposed to say "Does anyone have a strong relationship with GMP maintainers who could open this conversation with the

Re: CUPS is now linked against OpenSSL

On 01/11/2014 11:55 AM, Didier 'OdyX' Raboud wrote: > So as far as CUPS is concerned, I see three ways forward: > > 1) revert the switch to OpenSSL and link against GnuTLS 2. This >basically postpones the question to the moment when GnuTLS 2 is >removed from Debian. As I understood the thr

Re: CUPS is now linked against OpenSSL

El sáb, 11 de ene 2014 a las 10:41 , Russ Allbery escribió: Matthias Klumpp writes: Changing this would only mean that CUPS forks have the option to be distributed under GPLv3. I don't see a reason why Apple should be against this. Apple appears to be against anything containing the phras

Re: CUPS is now linked against OpenSSL (was: Re: GnuTLS in Debian)

On Sat, Jan 11, 2014 at 05:24:16PM +, Ben Hutchings wrote: > On Sat, 2014-01-11 at 17:55 +0100, Didier 'OdyX' Raboud wrote: > > Hi all, > > > > this "GnuTLS in Debian" thread triggered my switch of the src:cups > > package from linking against GnuTLS to now link against OpenSSL. CUPS is > >

Re: CUPS is now linked against OpenSSL

Matthias Klumpp writes: > Changing this would only mean that CUPS forks have the option to be > distributed under GPLv3. I don't see a reason why Apple should be > against this. Apple appears to be against anything containing the phrase GPLv3, to the extent that their employees were even forbidd

Re: CUPS is now linked against OpenSSL

2014/1/11 Andreas Metzler : > Svante Signell wrote: > [...] >> What are the chances of cups re-licensing (dual-licensing) to GPL2+? >> This would be a step in the right direction. (in worst case use some >> other software package than cups as default for printing) > > I'd guess minimal, iirc Apple

Re: CUPS is now linked against OpenSSL

Svante Signell wrote: [...] > What are the chances of cups re-licensing (dual-licensing) to GPL2+? > This would be a step in the right direction. (in worst case use some > other software package than cups as default for printing) I'd guess minimal, iirc Apple has no love for GPLv3. cu Andreas --

Re: CUPS is now linked against OpenSSL (was: Re: GnuTLS in Debian)

On Sat, 2014-01-11 at 17:55 +0100, Didier 'OdyX' Raboud wrote: > Hi all, > > this "GnuTLS in Debian" thread triggered my switch of the src:cups > package from linking against GnuTLS to now link against OpenSSL. CUPS is > GPL-2 only with an OpenSSL exception. > Now, as far as I understood the th

Re: CUPS is now linked against OpenSSL (was: Re: GnuTLS in Debian)

On Sat, 2014-01-11 at 17:55 +0100, Didier 'OdyX' Raboud wrote: > Hi all, > > this "GnuTLS in Debian" thread triggered my switch of the src:cups > package from linking against GnuTLS to now link against OpenSSL. CUPS is > GPL-2 only with an OpenSSL exception. > > Today, Andreas rightly pointed t