On Fri, Mar 31, 2017 at 11:48:44PM +0500, Andrey Rahmatullin wrote:
> On Fri, Mar 31, 2017 at 07:28:19PM +0200, Francesco Poli wrote:
> > In this scenario, you can determine the intent of the program copyright
> > holders, but what you need is a linking exception from the
> > purely-GPL-licensed li
On Fri, Mar 31, 2017 at 07:28:19PM +0200, Francesco Poli wrote:
> In this scenario, you can determine the intent of the program copyright
> holders, but what you need is a linking exception from the
> purely-GPL-licensed library copyright holders, not from the program
> copyright holders!
Which, I
On Fri, 31 Mar 2017 07:23:25 -0400 Richard Fontana wrote:
> On Thu, Mar 30, 2017 at 11:37:32PM +0200, Francesco Poli wrote:
> > On Wed, 29 Mar 2017 23:28:46 -0400 Richard Fontana wrote:
> >
> > > On Thu, Mar 30, 2017 at 05:08:24AM +0200, Carlos Alberto Lopez Perez
> > > wrote:
> > >
> > > > Do
On 2017-03-30.09:03, Adam Borowski wrote:
> The approach of commercial companies to both code and law is "it compiles?
> Ship it!". They have sizeable legal departments, so the question they ask
> themselves is not "is this legal?" but "are costs of possible litigation
> smaller or greater than t
On Thu, Mar 30, 2017 at 11:37:32PM +0200, Francesco Poli wrote:
> On Wed, 29 Mar 2017 23:28:46 -0400 Richard Fontana wrote:
>
> > On Thu, Mar 30, 2017 at 05:08:24AM +0200, Carlos Alberto Lopez Perez wrote:
> >
> > > Do you (or anyone else) _really_ think the copyright holders of the GPL
> > > pro
On Thu, Mar 30, 2017 at 10:27:46AM +0200, Florian Weimer wrote:
> On the other hand, when a larger upstream project
> granted us a linking exception for OpenSSL, they probably did not
> obtain consent from all the copyright holders, either.
Right. For example, I remember one case where a Debian de
* Philip Hands:
> P.P.S. Does anyone really expect a consensus to emerge where we decide
> to ignore the exception to the exception across the board without
> consulting lawyers? I think there are several people in this thread
> (myself included) that have demonstrated that they're going to argue
Quoting Francesco Poli (2017-03-30 23:37:32)
> On Wed, 29 Mar 2017 23:28:46 -0400 Richard Fontana wrote:
>
> > On Thu, Mar 30, 2017 at 05:08:24AM +0200, Carlos Alberto Lopez Perez wrote:
> >
> > > Do you (or anyone else) _really_ think the copyright holders of
> > > the GPL program in question h
Carlos Alberto Lopez Perez writes:
> On 30/03/17 21:29, Don Armstrong wrote:
>> On Thu, 30 Mar 2017, Carlos Alberto Lopez Perez wrote:
>>> * License Must Not Contaminate _Other_ Software
>>
>> A work which is a derivative work of another piece of software isn't
>> merely distributed alongside.
>
On Wed, 29 Mar 2017 23:28:46 -0400 Richard Fontana wrote:
> On Thu, Mar 30, 2017 at 05:08:24AM +0200, Carlos Alberto Lopez Perez wrote:
>
> > Do you (or anyone else) _really_ think the copyright holders of the GPL
> > program in question had any intention ever of not allowing their program
> > to
On 30/03/17 08:05, Andrey Rahmatullin wrote:
> On Wed, Mar 29, 2017 at 11:10:01PM +0200, Carlos Alberto Lopez Perez wrote:
>> Apache 2.0 is compatible with GPLv3 [1] (therefore also with GPLv2+).
> It's more complicated than "therefore also".
> Imagine a GPL2+ program library linked with a GPL2 lib
On 30/03/17 21:29, Don Armstrong wrote:
> On Thu, 30 Mar 2017, Carlos Alberto Lopez Perez wrote:
>> * License Must Not Contaminate _Other_ Software
>
> A work which is a derivative work of another piece of software isn't
> merely distributed alongside.
>
>> Shipping a collection of software on a
On 30/03/17 21:09, Russ Allbery wrote:
> Lars Wirzenius writes:
>
>> Instead, I'll repeat that licenses shouldn't be violated. One way of
>> achieving that is to ask copyright holders for additional permissions
>> that are needed to avoid a violation.
>
> The problem with this approach, though,
On 30/03/17 14:31, Ian Jackson wrote:
> Carlos Alberto Lopez Perez writes ("Re: System libraries and the GPLv2"):
>> However, I still don't understand why we don't just declare OpenSSL a
>> system library; or at least define a clear policy for when a packag
Lars Wirzenius writes:
> Instead, I'll repeat that licenses shouldn't be violated. One way of
> achieving that is to ask copyright holders for additional permissions
> that are needed to avoid a violation.
The problem with this approach, though, is that many of us have tried this
with GPL softwa
Quoting Carlos Alberto Lopez Perez (2017-03-30 19:12:53)
> On 30/03/17 10:44, Jonas Smedegaard wrote:
> > Quoting Carlos Alberto Lopez Perez (2017-03-30 05:08:24)
> >> On 30/03/17 03:11, Clint Byrum wrote:
> >>> Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04
> >>> +0200:
On 30/03/17 10:44, Jonas Smedegaard wrote:
> Quoting Carlos Alberto Lopez Perez (2017-03-30 05:08:24)
>> On 30/03/17 03:11, Clint Byrum wrote:
>>> Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04
>>> +0200:
I understand that Debian wants to take a position of zero (or
On Thu, Mar 30, 2017 at 10:27:46AM +0200, Florian Weimer wrote:
> What really annoys me about this whole situation is this: I think no
> one presently argues that the GPLv2 prevents people from distributing
> pre-built binaries for proprietary operating systems. I can take
> Hotspot (a component o
Carlos Alberto Lopez Perez writes ("Re: System libraries and the GPLv2"):
> However, I still don't understand why we don't just declare OpenSSL a
> system library; or at least define a clear policy for when a package is
> considered part of the base system (so the GPL
On Thu, Mar 30, 2017 at 10:30:44AM +0200, Florian Weimer wrote:
> * Lars Wirzenius:
>
> > A compication in this is that even though the developers of a program
> > would be happy with linking to OpenSSL, people who've written other
> > libraries the program uses, or other code included in the prog
Carlos Alberto Lopez Perez writes:
> On 30/03/17 03:11, Clint Byrum wrote:
>> Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04
>> +0200:
>>> On 30/03/17 00:24, Philipp Kern wrote:
On 03/29/2017 11:10 PM, Carlos Alberto Lopez Perez wrote:
> So, the best case situ
Quoting Carlos Alberto Lopez Perez (2017-03-30 05:08:24)
> On 30/03/17 03:11, Clint Byrum wrote:
> > Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04
> > +0200:
> >> I understand that Debian wants to take a position of zero (or
> >> minimal) risk, and I also understand th
* Lars Wirzenius:
> A compication in this is that even though the developers of a program
> would be happy with linking to OpenSSL, people who've written other
> libraries the program uses, or other code included in the program, may
> not be. I'm such a person. If some code I've released some code
* Richard Fontana:
> On Thu, Mar 30, 2017 at 05:08:24AM +0200, Carlos Alberto Lopez Perez wrote:
>
>> Do you (or anyone else) _really_ think the copyright holders of the GPL
>> program in question had any intention ever of not allowing their program
>> to be used along with OpenSSL, when they wher
On Thu, Mar 30, 2017 at 10:09:20AM +0200, Vincent Bernat wrote:
> Well, that's really new to me. Why would you object to link to OpenSSL?
I'm not sure how to respond to this.
I don't understand why it is new to you. The conflict between the
OpenSSL and GPL licences is well known, at least within
❦ 30 mars 2017 10:46 +0300, Lars Wirzenius :
>> As Carlos, it's hard for me to believe anyone will object to OpenSSL
>> linking, all the more when they implemented the support for it.
>
> A compication in this is that even though the developers of a program
> would be happy with linking to OpenS
* Adam Borowski:
> The approach of commercial companies to both code and law is "it compiles?
> Ship it!". They have sizeable legal departments, so the question they ask
> themselves is not "is this legal?" but "are costs of possible litigation
> smaller or greater than the cost of doing it corr
On Thu, Mar 30, 2017 at 08:14:25AM +0200, Vincent Bernat wrote:
> As Carlos, it's hard for me to believe anyone will object to OpenSSL
> linking, all the more when they implemented the support for it.
A compication in this is that even though the developers of a program
would be happy with linking
* Josh Triplett:
> The intention of the system library exception is to allow third
> parties to ship Free Software on proprietary platforms, while
> pointedly *disallowing* the vendor of the proprietary platform from
> doing so. As historical precedent, note that some vendors explicitly
> provide
On Wed, Mar 29, 2017 at 11:28:46PM -0400, Richard Fontana wrote:
> On Thu, Mar 30, 2017 at 05:08:24AM +0200, Carlos Alberto Lopez Perez wrote:
>
> > Do you (or anyone else) _really_ think the copyright holders of the GPL
> > program in question had any intention ever of not allowing their program
❦ 29 mars 2017 18:11 -0700, Clint Byrum :
>> Right. That is how it also works in Spain, and I suspect that in many
>> other countries work the same way.
>>
>> I understand that Debian wants to take a position of zero (or minimal)
>> risk, and I also understand the desire to respect the interpre
On Wed, Mar 29, 2017 at 11:10:01PM +0200, Carlos Alberto Lopez Perez wrote:
> Apache 2.0 is compatible with GPLv3 [1] (therefore also with GPLv2+).
It's more complicated than "therefore also".
Imagine a GPL2+ program library linked with a GPL2 library. Now also link
this program with an Apache 2.0
Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 05:08:24 +0200:
> On 30/03/17 03:11, Clint Byrum wrote:
> > Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04
> > +0200:
> >> On 30/03/17 00:24, Philipp Kern wrote:
> >>> On 03/29/2017 11:10 PM, Carlos Alberto
On Thu, Mar 30, 2017 at 05:08:24AM +0200, Carlos Alberto Lopez Perez wrote:
> Do you (or anyone else) _really_ think the copyright holders of the GPL
> program in question had any intention ever of not allowing their program
> to be used along with OpenSSL, when they where the ones implementing
>
On 30/03/17 03:11, Clint Byrum wrote:
> Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04
> +0200:
>> On 30/03/17 00:24, Philipp Kern wrote:
>>> On 03/29/2017 11:10 PM, Carlos Alberto Lopez Perez wrote:
So, the best case situation (IMHO) would be that a lawyer tell us
Excerpts from Carlos Alberto Lopez Perez's message of 2017-03-30 02:49:04 +0200:
> On 30/03/17 00:24, Philipp Kern wrote:
> > On 03/29/2017 11:10 PM, Carlos Alberto Lopez Perez wrote:
> >> So, the best case situation (IMHO) would be that a lawyer tell us that
> >> Apache 2.0 is also compatible with
On Thu, Mar 30, 2017 at 02:49:04AM +0200, Carlos Alberto Lopez Perez wrote:
> However, I still don't understand why we don't just declare OpenSSL a
> system library; or at least define a clear policy for when a package is
> considered part of the base system (so the GPL system exception applies
> t
On 30/03/17 00:24, Philipp Kern wrote:
> On 03/29/2017 11:10 PM, Carlos Alberto Lopez Perez wrote:
>> So, the best case situation (IMHO) would be that a lawyer tell us that
>> Apache 2.0 is also compatible with GPLv2-only, and that we stop playing
>> the game of being amateur lawyers instead of sof
On 30/03/17 00:26, Josh Triplett wrote:
> Carlos Alberto Lopez Perez wrote:
>> On 26/03/17 01:01, Walter Landry wrote:
>>> Florian Weimer wrote:
> #5 Declare GMP to be a system library.
>
(snip)
> #5 was how Fedora looked at the OpenSSL library issue. Since Debian
> has a
Carlos Alberto Lopez Perez wrote:
> On 26/03/17 01:01, Walter Landry wrote:
> > Florian Weimer wrote:
> >>> #5 Declare GMP to be a system library.
> >>>
> >> (snip)
> >>
> >>> #5 was how Fedora looked at the OpenSSL library issue. Since Debian
> >>> has another viewpoint on OpenSSL I somehow doubt
On 03/29/2017 11:10 PM, Carlos Alberto Lopez Perez wrote:
> So, the best case situation (IMHO) would be that a lawyer tell us that
> Apache 2.0 is also compatible with GPLv2-only, and that we stop playing
> the game of being amateur lawyers instead of software developers.
But that's not how the la
On 29/03/17 22:25, Brian May wrote:
> Carlos Alberto Lopez Perez writes:
>
>> But in the worst case, it will be compatible with GPLv2+ and GPLv3.
>
> I am not sure I see this as the worst case situation. Or maybe you meant
> to write "incompatable"?
>
No.
Apache 2.0 is compatible with GPLv3 [
On 29/03/17 22:28, Andrey Rahmatullin wrote:
> On Wed, Mar 29, 2017 at 09:58:07PM +0200, Carlos Alberto Lopez Perez wrote:
>> So... does this means that we are actually *now* shipping OpenSSL with
>> GPL software on the same DVD?
> This is permitted, or are you joking?
>
>
>
Yes
It was a sarca
On Wed, Mar 29, 2017 at 09:58:07PM +0200, Carlos Alberto Lopez Perez wrote:
> So... does this means that we are actually *now* shipping OpenSSL with
> GPL software on the same DVD?
This is permitted, or are you joking?
--
WBR, wRAR
signature.asc
Description: PGP signature
On Thu, Mar 30, 2017 at 07:25:04AM +1100, Brian May wrote:
> > But in the worst case, it will be compatible with GPLv2+ and GPLv3.
> I am not sure I see this as the worst case situation.
It's worse that being compatible with GPL2 too.
> Or maybe you meant to write "incompatable"?
No.
--
WBR, wR
Carlos Alberto Lopez Perez writes:
> But in the worst case, it will be compatible with GPLv2+ and GPLv3.
I am not sure I see this as the worst case situation. Or maybe you meant
to write "incompatable"?
--
Brian May
On 29/03/17 19:37, Francesco Poli wrote:
> On Wed, 29 Mar 2017 14:49:48 +0200 Carlos Alberto Lopez Perez wrote:
>
> [...]
>> I think that any package that is essential for the base OS
>> (aka Priority: required) should qualify for the system exception.
>
> Well, for the record, package libssl1.0.
On 29/03/17 15:58, Dmitry Alexandrov wrote:
>> On 26/03/17 01:01, Walter Landry wrote:
>>> Florian Weimer wrote:
> #5 Declare GMP to be a system library.
>
(snip)
> #5 was how Fedora looked at the OpenSSL library issue. Since Debian
> has another viewpoint on OpenSSL I so
> On 26/03/17 01:01, Walter Landry wrote:
>> Florian Weimer wrote:
#5 Declare GMP to be a system library.
>>> (snip)
>>>
#5 was how Fedora looked at the OpenSSL library issue. Since Debian
has another viewpoint on OpenSSL I somehow doubt we would use it for
GMP.
>>>
>>> I
On 26/03/17 01:01, Walter Landry wrote:
> Florian Weimer wrote:
>>> #5 Declare GMP to be a system library.
>>>
>> (snip)
>>
>>> #5 was how Fedora looked at the OpenSSL library issue. Since Debian
>>> has another viewpoint on OpenSSL I somehow doubt we would use it for
>>> GMP.
>>
>> I would like t
Florian Weimer schrieb:
> Would it be possible to get real legal advice on this matter, with the
> concrete goal to find a usable process to leverage the system library
> exception in the GPLv2?
We should have done that a decade ago...
The SFLC can probably help, but an official request to them
51 matches
Mail list logo
