> > FWIW, the permission I seek is from my Legal department. They want to ensure > that 1) we don't use software having unacceptable licenses or in unacceptable > ways, and 2) that the terms of all the copyrights are adhered to (e.g., > reproducing attribution statements, etc.). >
In my personal opinion this is the time to ask what and how much they need that promise. The budget they have and what risk contra costs that might be needed. It also the time to look at products like BlackDuck to run that against you code. There is always a line between risk and cost, imho moving the cost into the openbsd project for this doesn’t see fair.
