[openssl-dev] License change agreement

Quanah Gibson-Mount quanah at symas.com
Fri Mar 24 16:27:56 UTC 2017

--On Friday, March 24, 2017 6:00 PM +0100 Dirk-Willem van Gulik 
<dirkx at webweaving.org> wrote:

>> In 2 years time, I've yet to see one valid argument to using the APLv2
>> vs the MPLv2 originate from the OpenSSL team.
> The two licenses are not identical.
> Specifically the MPL goes one step further with respect to the disclosure
> of the source code* -- The ASL stops just before that - and is more akin
> to the MIT and BSD licenses.
> From personal experience - and given how OpenSSL is commonly used as one
> of many small components in a larger work - that does make (my) live in
> the real world a lot easer.
> Dw.
> *: (though not as far as the Free software licences; it limits it to the
> code under the MPL itself).

Yes, I'm certainly not saying they are the same.  But the reasons provided 
so far by the OpenSSL team have not shown why the APLv2 is a better choice 
for the downstream consumers of OpensSL vs the MPLv2, and there are 
definite reasons as to why the APLv2 is problematic.



Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:

More information about the openssl-dev mailing list