punycode licensing

Viktor Dukhovni openssl-users at dukhovni.org
Thu Jun 20 16:27:38 UTC 2019


On Thu, Jun 20, 2019 at 03:39:10PM +0100, Matt Caswell wrote:

> PR 9199 incorporates the C punycode implementation from RFC3492:
> 
> https://github.com/openssl/openssl/pull/9199
> 
> The RFC itself has this section in it:
> 
> B. Disclaimer and license
> 
>    Regarding this entire document or any portion of it (including the
>    pseudocode and C code), the author makes no guarantees and is not
>    responsible for any damage resulting from its use.  The author grants
>    irrevocable permission to anyone to use, modify, and distribute it in
>    any way that does not diminish the rights of anyone else to use,
>    modify, and distribute it, provided that redistributed derivative
>    works do not contain misleading author or version information.
>    Derivative works need not be licensed under similar terms.
> 
> Which is quite confusing because on the one hand it places a requirement on
> redistributed derivative works:
> 
> "provided that redistributed derivative works do not contain misleading author
> or version information"
> 
> and then on the other hand states that derivative works are free to licence
> under different terms:
> 
> "Derivative works need not be licensed under similar terms"
> 
> It seems to me that the above gives us the ability to just relicense this under
> Apache 2 and incorporate it. But I'm not entirely sure.

I'd be comfortable with relicensing under Apache, while clearly
indicating the provenance of the code, and indicating that the
file is also available under the original terms.

-- 
	Viktor.


More information about the openssl-project mailing list