[openssl-dev] We're working on license changes
Brian Smith
brian at briansmith.org
Fri Jul 31 18:19:16 UTC 2015
On Fri, Jul 31, 2015 at 12:29 PM, Hanno Böck <hanno at hboeck.de> wrote:
> "Salz, Rich" <rsalz at akamai.com> wrote:
>
> > Please see https://www.openssl.org/blog/blog/2015/08/01/cla/ for some
> > more details.
> >
> > Summary: Moving to Apache 2, CLA's coming, it will take time.
>
> This is a huge step if it works (I leave it up to the lawyers to decide
> if it will), but I want to question whether Apache License is really a
> wise move.
[snip]
In the spirit of making OpenSSL as useful as possible for everyone I
>
would consider a permissive license that's more compatible (e.g. MIT) a
> wiser choice.
>
I agree 100%. What is wrong with the ISC-style license that LibreSSL and
BoringSSL have been using to share code? Why not use that same license for
new code? The ability to share code between these projects is hugely
valuable, especially when it comes to getting security problems fixed in a
timely and secure manner.
Also, I question the need for people to sign a CLA to contribute to
OpenSSL. OpenSSL has been very successful for decades without a CLA
requirement. Lots of other projects are extremely successful without a CLA.
A CLA seems unnecessary.
Cheers,
Brian
[1] https://www.imperialviolet.org/2014/06/20/boringssl.html (end of
document)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150731/42e74057/attachment.html>
More information about the openssl-dev
mailing list