Re: Balsa: Indirect linking to OpenSSL via LGPL and OpenLDAP libs

[Andrew Lau <netsnipe debianplanet org>]

On Mon, Dec 16, 2002 at 06:52:58AM -0500, Peter Bloomfield wrote:
> Does this exclusion clause have any material impact on regular
> users? I feel totally uninformed about all this!

Hi Peter,

There is no material impact on regular users. The reason Balsa needs
an exclusion clause is that the GPL prohibits linking with code and
distributing the binaries if the other code (in this case, OpenSSL)
can't also be distributed under the terms of the GPL. OpenSSL's
BSD-style advertisement clauses are considered additional restrictions
to the GPL and are thus incompatible.

The OpenSSL license specifically also says:

	"The licence and distribution terms for any publicly
	available version or derivative of this code cannot be
	changed.  i.e. this code cannot simply be copied and put under
	another distribution licence [including the GNU Public
	Licence.]"

So in order to make it legal for Debian to distribute Balsa packages,
Balsa's license must additionally have an exclusion clause in which
the developers explicitly grants users the right to link/use Balsa
with OpenSSL, or our packages must refrain from making any links to
OpenSSL libraries either directly or indirectly. Another slightly more
impractical solution would be to replace OpenSSL with the LGPL'ed
GnuTLS altogether in Balsa. I hope this helps you understand Debian's
viewpoint on the matter.

Yours sincerely,
Andrew "Netsnipe" Lau

-- 
---------------------------------------------------------------------------
* Andrew "Netsnipe" Lau              Computer Science & Student Rep, UNSW *
*   # apt-get into it                 Debian GNU/Linux Package Maintainer *
*     <netsnipe(+)debianplanet.org\0>      <alau(+)cse.unsw.edu.au\0>     *
* GnuPG 1024D/2E8B68BD 0B77 73D0 4F3B F286 63F1  9F4A 9B24 C07D 2E8B 68BD *
---------------------------------------------------------------------------

PGP signature