[openssl-dev] License change agreement

James Bottomley James.Bottomley at HansenPartnership.com
Fri Mar 24 18:43:48 UTC 2017

On Fri, 2017-03-24 at 13:17 +0000, Salz, Rich via openssl-dev wrote:
> > As was noted back when this was brought up in 2015, there are 
> > other, better, licenses than the APLv2 which are also GPLv2 
> > compatible.  The MPLv2 being an example of such a license.  There 
> > is also BSD, MIT/X11, etc.   The GPLv2 incompatibility of OpenSSL
> > is a major problem.
> Better in one dimension, not in the multiple dimensions that we are
> concerned about.  For example, one of the major things that is an
> issue for GPLv2 is the patent protection.  Patent protection is
> important to us.  At least now we're compatible with GPL3, which is
> hopefully seen as a major step forward.

There seems to be a misunderstanding here: for starters licensing any
library under GPLv2 is problematic because of the viral nature (it's
mostly done as a ploy for open core business models), so I'm assuming
you mean LGPLv2 (or 3) which would allow linking to non GPL code?

Secondly the GPLv2 family of licences has strong implicit patent
licences which GPLv3 made explicit.  In terms of broad protection
there's no real difference (as long as the patent owner ships the code,
they can't sue).  Explicit gives you a measure of protection on
contributions if the owner leaves the community for some reason, but
it's a much weaker protection than if they remain in the community
(applies only to contributions as opposed to entire code base).


> Yes, it is too bad we can't please all communities right now.

More information about the openssl-dev mailing list