Re: [HACKERS] TODO: GNU TLS

2007-01-03 Thread Stephen Frost
* Florian Weimer ([EMAIL PROTECTED]) wrote: > * Stephen Frost: > > Ah, this does sound rather ugly and not something we'd want. The > > particular library doesn't make a whole heck of a lot of difference to me > > provided it has the general functionality necessary and a compatible > > license (whe

Re: [HACKERS] TODO: GNU TLS

2007-01-03 Thread Florian Weimer
* Stephen Frost: > Ah, this does sound rather ugly and not something we'd want. The > particular library doesn't make a whole heck of a lot of difference to me > provided it has the general functionality necessary and a compatible > license (where 'compatible' in this case really means 'Debian fee

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread David Boreham
Martijn van Oosterhout wrote: - Thread safety (GnuTLS is thread-safe by design, no locks needed) - Proper layering (creating your own I/O function is trivial) - Separate namespace - Non-blocking support from the get-go were taken care of. Since people are citing maintainability as a concern, I

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Stephen Frost
* Andrew Dunstan ([EMAIL PROTECTED]) wrote: > Bruce Momjian wrote: > >Keep in mind in most cases OpenSSL is already part of the operating > >system, unless you are using Win32. > > My understanding is that the Debian people are saying the exception for > libraries shipped with the OS does NOT app

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Andrew Dunstan
Bruce Momjian wrote: Keep in mind in most cases OpenSSL is already part of the operating system, unless you are using Win32. My understanding is that the Debian people are saying the exception for libraries shipped with the OS does NOT apply to *other* libraries or programs that are shipp

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > > Ah, this does sound rather ugly and not something we'd want. The > > particular library doesn't make a whole heck of a lot of difference to me > > provided it has the general functionality necessary and a compatible > > license (

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Martijn van Oosterhout
On Tue, Jan 02, 2007 at 01:29:35PM -0500, Stephen Frost wrote: > Would a patch to implement dual-support for OpenSSL and NSS be > acceptable? Would just replacing OpenSSL support with NSS support be When I was looking into this I looked at NSS, and eventually decided on GnuTLS. Why? Because I rea

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Bruce Momjian
Stephen Frost wrote: -- Start of PGP signed section. > * David Boreham ([EMAIL PROTECTED]) wrote: > > Stephen Frost wrote: > > >erm, I'm not really sure what you're saying here but perhaps I can > > >clarify: I wasn't suggesting to add any serious amount of source code > > >to PostgreSQL - NSS wou

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Stephen Frost
* David Boreham ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > >erm, I'm not really sure what you're saying here but perhaps I can > >clarify: I wasn't suggesting to add any serious amount of source code > >to PostgreSQL - NSS would be used just as OpenSSL is today, and as > >GNUTLS support

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread David Boreham
Stephen Frost wrote: Also, do we really want to import the NSPR into Postgres? I suspect not. Of course, the only thing that people are tripping over license-wise is libpq. But I think we would want to keep that as lean and mean as possible, too. erm, I'm not really sure what you're say

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Stephen Frost
* David Boreham ([EMAIL PROTECTED]) wrote: > Andrew Dunstan wrote: > > >I suspect most postgres developers and companies would like to keep > >things as BSDish as possible. > > Right, hence OpenSSL would be the obvious best choice. > In respect of licencing however, NSS is no 'worse' than GNU T

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Stephen Frost
* Andrew Dunstan ([EMAIL PROTECTED]) wrote: > I suspect most postgres developers and companies would like to keep > things as BSDish as possible. Dealing with a multitude of licenses might > be fun for some, but many of us find it a pain in the neck. It'd be great if PostgreSQL could use an SSL

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread David Boreham
Andrew Dunstan wrote: I suspect most postgres developers and companies would like to keep things as BSDish as possible. Right, hence OpenSSL would be the obvious best choice. In respect of licencing however, NSS is no 'worse' than GNU TLS because it may be distributed under the GPL and LGPL.

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Tom Lane
Andrew Dunstan <[EMAIL PROTECTED]> writes: > Also, do we really want to import the NSPR into Postgres? I suspect not. > Of course, the only thing that people are tripping over license-wise is > libpq. But I think we would want to keep that as lean and mean as > possible, too. Yeah, requiring NS

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread David Boreham
Stephen Frost wrote: * David Boreham ([EMAIL PROTECTED]) wrote: Stephen Frost wrote: Not sure what license that's under, From http://www.mozilla.org/projects/security/pki/nss/: 'NSS is available under the Mozilla Public License, the GNU General Public License, and the GNU Les

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Andrew Dunstan
David Boreham wrote: Stephen Frost wrote: * David Boreham ([EMAIL PROTECTED]) wrote: Fascinating thread for the holidays. I found it interesting that nobody has mentioned NSS (former Netscape SSL library). It has its own bag of problems of course, but for me is potentially more attractive

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread Stephen Frost
* David Boreham ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > >Not sure what license that's under, > > > From http://www.mozilla.org/projects/security/pki/nss/: > 'NSS is available under the Mozilla Public License, the GNU General > Public License, and the GNU Lesser General Public License.'

Re: [HACKERS] TODO: GNU TLS

2007-01-02 Thread David Boreham
Stephen Frost wrote: * David Boreham ([EMAIL PROTECTED]) wrote: Fascinating thread for the holidays. I found it interesting that nobody has mentioned NSS (former Netscape SSL library). It has its own bag of problems of course, but for me is potentially more attractive than GNU TLS. e.g. it

Re: [HACKERS] TODO: GNU TLS

2007-01-01 Thread Chris Browne
[EMAIL PROTECTED] ("Joshua D. Drake") writes: >> The reason I wanted to use PGP is that I already have a PGP key. X.509 >> certificates are far too complicated (a certificate authority is a >> useless extra step in my case). > > Complete side note but one feature that I brought up to my team a > po

Re: [HACKERS] TODO: GNU TLS

2006-12-31 Thread Markus Schiltknecht
Hi, [EMAIL PROTECTED] wrote: Nobody has proven an issue exists. The only way to prove it would be for an actual court case to set the precedent. That's exactly the mentality that I'm questioning. Why always go to legal boundaries and ask for courts? Joshua D. Drake wrote: Further, OpenSSL

Re: [HACKERS] TODO: GNU TLS

2006-12-31 Thread Markus Schiltknecht
Hi, Martijn van Oosterhout wrote: Please read the OpenSSL-GPL FAQ. They themselves acknowledge it's a problem, but claim they fall under the "operating system exception", which is fine for everyone except the distributor of the operating system. http://www.openssl.org/support/faq.html#LEGAL2

Re: [HACKERS] TODO: GNU TLS

2006-12-31 Thread Joshua D. Drake
> It seems your interpretation of the OpenSSL "position" is as > questionable as your interpretation of the GPL, and what the GPL can > legally require. :-) > > Nobody has proven an issue exists. The only way to prove it would be > for an actual court case to set the precedent. Further, OpenSSL

Re: [HACKERS] TODO: GNU TLS

2006-12-31 Thread mark
On Sun, Dec 31, 2006 at 03:59:29PM +0100, Martijn van Oosterhout wrote: > Please read the OpenSSL-GPL FAQ. They themselves acknowledge it's a > problem, but claim they fall under the "operating system exception", > which is fine for everyone except the distributor of the operating > system. > > ht

Re: [HACKERS] TODO: GNU TLS

2006-12-31 Thread Martijn van Oosterhout
On Sun, Dec 31, 2006 at 03:25:42PM +0100, Markus Schiltknecht wrote: > b) The other features of Martijn's patch got completely overseen. Can we > (can you Martijn?) break up the patch into smaller pieces and discuss > single independent features, like querying for parameters of the SSL > connect

Re: [HACKERS] TODO: GNU TLS

2006-12-31 Thread Markus Schiltknecht
Hi, I've just read most of that thread and found it rather disappointing. I'd just like to add my 2 (or 3) cents: a) I like to have the freedom to choose what software (under which licenses) I'm using. Thus I'd like to see GNUTLS supported, as it adds an additional feature to PostgreSQL per

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread mark
On Sat, Dec 30, 2006 at 05:03:23PM -0500, Bruce Momjian wrote: > Stephen Frost wrote: > > I appreciate your pedantism but in the end it really doesn't matter very > > much. This is, aiui anyway, the way Debian interprets the various > > licenses. You're welcome to your own interpretation. > That

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Joshua D. Drake
On Sat, 2006-12-30 at 22:18 -0500, Stephen Frost wrote: > * Bruce Momjian ([EMAIL PROTECTED]) wrote: > > Stephen Frost wrote: > > > I appreciate your pedantism but in the end it really doesn't matter very > > > much. This is, aiui anyway, the way Debian interprets the various > > > licenses. You'

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > > I appreciate your pedantism but in the end it really doesn't matter very > > much. This is, aiui anyway, the way Debian interprets the various > > licenses. You're welcome to your own interpretation. > > That was my point ---

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Martijn van Oosterhout wrote: > > Somehow I don't think a statement requiring you to put some guys name > > in all your advertising material is the same as requiring you to > > preserve the copyright notice. > > Agreed, but the words "additional restric

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* David Boreham ([EMAIL PROTECTED]) wrote: > Fascinating thread for the holidays. I found it interesting that nobody > has mentioned > NSS (former Netscape SSL library). It has its own bag of problems of > course, but > for me is potentially more attractive than GNU TLS. e.g. it has FIPS-140 > c

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread David Boreham
Tom Lane wrote: What basically bothers me about this is that trying to support both the OpenSSL and GNUTLS APIs is going to be an enormous investment of development and maintenance effort, because it's such a nontrivial thing Fascinating thread for the holidays. I found it interesting that no

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
Martijn van Oosterhout wrote: -- Start of PGP signed section. > On Sat, Dec 30, 2006 at 05:03:23PM -0500, Bruce Momjian wrote: > > > I appreciate your pedantism but in the end it really doesn't matter very > > > much. This is, aiui anyway, the way Debian interprets the various > > > licenses. You

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Martijn van Oosterhout
On Sat, Dec 30, 2006 at 05:03:23PM -0500, Bruce Momjian wrote: > > I appreciate your pedantism but in the end it really doesn't matter very > > much. This is, aiui anyway, the way Debian interprets the various > > licenses. You're welcome to your own interpretation. > > That was my point --- tha

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
Stephen Frost wrote: > > > 1. You may copy and distribute verbatim copies of the Program's > > > source code as you receive it, in any medium, provided that you > > > conspicuously and appropriately publish on each copy an appropriate > > > copyright notice and disclaimer of warranty; keep intact a

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > > > > 6. Each time you redistribute the Program (or any work based on the > > > > Program), the recipient automatically receives a license from the > > > > original licensor to copy, distribute or modify the Program subject to > >

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
Stephen Frost wrote: -- Start of PGP signed section. > * Bruce Momjian ([EMAIL PROTECTED]) wrote: > > Stephen Frost wrote: > > > 6. Each time you redistribute the Program (or any work based on the > > > Program), the recipient automatically receives a license from the > > > original licensor to cop

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > > 6. Each time you redistribute the Program (or any work based on the > > Program), the recipient automatically receives a license from the > > original licensor to copy, distribute or modify the Program subject to > > these terms

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
Stephen Frost wrote: -- Start of PGP signed section. > * Bruce Momjian ([EMAIL PROTECTED]) wrote: > > Stephen Frost wrote: > > > So it's *not* an additional restriction. Not to mention the other > > > reason- the license isn't part of the *work*. > > > > It is an _additional_ license you have to

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > I had to stumble together a Certificate Revocation List (CRL) patch for > 8.2 from someone's posted patch. I didn't even know what CRL was, and > got no feedback from the community, so I had to figure it out myself to > get it into CVS (for server and cl

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Joshua D. Drake
On Sat, 2006-12-30 at 14:28 -0500, Stephen Frost wrote: > * Joshua D. Drake ([EMAIL PROTECTED]) wrote: > > > > > The reason I wanted to use PGP is that I already have a PGP key. X.509 > > > certificates are far too complicated (a certificate authority is a > > > useless extra step in my case). > >

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Magnus Hagander
Stephen Frost wrote: > * Magnus Hagander ([EMAIL PROTECTED]) wrote: Kerberos is there and it's not too hard to use (though does depend on the MIT Kerberos for Windows service currently). Supporting SSPI/GSSAPI and then writing a small document on how to generate Windows keytabs

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > > So it's *not* an additional restriction. Not to mention the other > > reason- the license isn't part of the *work*. > > It is an _additional_ license you have to include, not just their > license. I don't see how requiring an

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Joshua D. Drake ([EMAIL PROTECTED]) wrote: > > > The reason I wanted to use PGP is that I already have a PGP key. X.509 > > certificates are far too complicated (a certificate authority is a > > useless extra step in my case). > > Complete side note but one feature that I brought up to my team

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Magnus Hagander ([EMAIL PROTECTED]) wrote: > [EMAIL PROTECTED] wrote: > > On Sat, Dec 30, 2006 at 06:05:14PM +0100, Martijn van Oosterhout wrote: > >> Except that X.509 is already done (in a sense). The client can supply a > >> certificate that the server can check, and vice-versa. You can't link

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Magnus Hagander ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > > * Martijn van Oosterhout (kleptog@svana.org) wrote: > >> On Sat, Dec 30, 2006 at 02:10:42AM -0500, Tom Lane wrote: > >>> Actually, it's *not* feature-complete even yet. > >> What's missing? I don't see anything on the TODO list

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
Stephen Frost wrote: -- Start of PGP signed section. > * Bruce Momjian ([EMAIL PROTECTED]) wrote: > > Stephen Frost wrote: > > > Yet *having* that requirement on a *derived work* which includes GPL > > > code is *against* the terms of the GPL. That's *exactly* the issue. > > > The GPL says more th

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Magnus Hagander ([EMAIL PROTECTED]) wrote: > >> Kerberos is there and it's not too hard to use (though does depend > >> on the MIT Kerberos for Windows service currently). Supporting > >> SSPI/GSSAPI and then writing a small document on how to generate > >> Windows keytabs for Postgres would mea

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Stephen Frost wrote: > > Yet *having* that requirement on a *derived work* which includes GPL > > code is *against* the terms of the GPL. That's *exactly* the issue. > > The GPL says more than "you must provide the source code to everything", > > it exp

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Joshua D. Drake
On Sat, 2006-12-30 at 13:44 -0500, Bruce Momjian wrote: > If you want real language-lawyer over-reach, check out this 2003 posting > that says our BSD license wording is not compatible with the OpenBSD BSD > license: > > http://archives.postgresql.org/pgsql-bugs/2003-11/msg00212.php > > Ope

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
If you want real language-lawyer over-reach, check out this 2003 posting that says our BSD license wording is not compatible with the OpenBSD BSD license: http://archives.postgresql.org/pgsql-bugs/2003-11/msg00212.php OpenBSD feels the "without fee" can be misinterpreted, so PostgreSQL w

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Magnus Hagander
[EMAIL PROTECTED] wrote: > On Sat, Dec 30, 2006 at 06:05:14PM +0100, Martijn van Oosterhout wrote: >> Except that X.509 is already done (in a sense). The client can supply a >> certificate that the server can check, and vice-versa. You can't link >> this with the postgresql username yet, but I havn'

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
Stephen Frost wrote: > Yet *having* that requirement on a *derived work* which includes GPL > code is *against* the terms of the GPL. That's *exactly* the issue. > The GPL says more than "you must provide the source code to everything", > it explicitly includes a requirement that no additional res

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Bruce Momjian
Stephen Frost wrote: -- Start of PGP signed section. > * Bruce Momjian ([EMAIL PROTECTED]) wrote: > > Robert Treat wrote: > > > given options like --enable-dtrace and --with-libedit-preferred, I don't > > > find > > > this argument compelling... > > > > Keep in mind it took years to get OpenSSL

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Joshua D. Drake
> The reason I wanted to use PGP is that I already have a PGP key. X.509 > certificates are far too complicated (a certificate authority is a > useless extra step in my case). Complete side note but one feature that I brought up to my team as potentially useful would be to allow the use of ssh key

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread mark
On Sat, Dec 30, 2006 at 06:05:14PM +0100, Martijn van Oosterhout wrote: > Except that X.509 is already done (in a sense). The client can supply a > certificate that the server can check, and vice-versa. You can't link > this with the postgresql username yet, but I haven't seen any proposals > about h

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Martijn van Oosterhout
On Sat, Dec 30, 2006 at 08:14:16AM -0800, Joshua D. Drake wrote: > > > > This would be the big feature I think is missing from our current SSL > > > support. I don't think it'd be terribly difficult to support with > > > either library (I think most of the work would be on the PG user auth > > >

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Joshua D. Drake
> > This would be the big feature I think is missing from our current SSL > > support. I don't think it'd be terribly difficult to support with > > either library (I think most of the work would be on the PG user auth > > side, which would be useable by either). > > Wouldn't it be a lot more log

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Magnus Hagander
>> Kerberos is there and it's not too hard to use (though does depend >> on the MIT Kerberos for Windows service currently). Supporting >> SSPI/GSSAPI and then writing a small document on how to generate >> Windows keytabs for Postgres would mean single-sign-on for Windows >> users using applicati

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Magnus Hagander
Stephen Frost wrote: > * Martijn van Oosterhout (kleptog@svana.org) wrote: >> On Sat, Dec 30, 2006 at 02:10:42AM -0500, Tom Lane wrote: >>> Actually, it's *not* feature-complete even yet. >> What's missing? I don't see anything on the TODO list relating to >> this. If you wanted a GnuTLS patch that

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread David Fetter
On Fri, Dec 29, 2006 at 08:12:47PM -0500, Stephen Frost wrote: > * Joshua D. Drake ([EMAIL PROTECTED]) wrote: > > > We use it on some of our production systems (since it can > > > provide cracklib, password expiration, etc, and the postgres > > > instance inside it's own vserver so it doesn't hurt

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Martijn van Oosterhout (kleptog@svana.org) wrote: > On Sat, Dec 30, 2006 at 02:10:42AM -0500, Tom Lane wrote: > > Actually, it's *not* feature-complete even yet. > > What's missing? I don't see anything on the TODO list relating to > this. If you wanted a GnuTLS patch that supported more feature

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Tom Lane ([EMAIL PROTECTED]) wrote: > Bruce Momjian <[EMAIL PROTECTED]> writes: > > Keep in mind it took years to get OpenSSL support up to the level we > > have it now. It took SSL experts coming in and out of our development > > process to get it 100% feature-complete. > > Actually, it's *not

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Andrew Dunstan ([EMAIL PROTECTED]) wrote: > Bruce Momjian wrote: > > Keep in mind it took years to get OpenSSL support up to the level we > > have it now. It took SSL experts coming in and out of our development > > process to get it 100% feature-complete. Doing this for another > > library, I

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Stephen Frost
* Bruce Momjian ([EMAIL PROTECTED]) wrote: > Robert Treat wrote: > > given options like --enable-dtrace and --with-libedit-preferred, I don't > > find > > this argument compelling... > > Keep in mind it took years to get OpenSSL support up to the level we > have it now. It took SSL experts comi

Re: [HACKERS] TODO: GNU TLS

2006-12-30 Thread Martijn van Oosterhout
On Sat, Dec 30, 2006 at 02:10:42AM -0500, Tom Lane wrote: > Bruce Momjian <[EMAIL PROTECTED]> writes: > > Keep in mind it took years to get OpenSSL support up to the level we > > have it now. It took SSL experts coming in and out of our development > > process to get it 100% feature-complete. > >

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Tom Lane
Bruce Momjian <[EMAIL PROTECTED]> writes: > Keep in mind it took years to get OpenSSL support up to the level we > have it now. It took SSL experts coming in and out of our development > process to get it 100% feature-complete. Actually, it's *not* feature-complete even yet. What basically bothe

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Andrew Dunstan
Bruce Momjian wrote: > Robert Treat wrote: >> > 5) GNUTLS does not run well under all of our supported platforms. >> > >> >> given options like --enable-dtrace and --with-libedit-preferred, I don't >> find >> this argument compelling... > > Keep in mind it took years to get OpenSSL support up to th

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Bruce Momjian
Robert Treat wrote: > On Friday 29 December 2006 14:49, Joshua D. Drake wrote: > > > entirely. > > > > > > 4) GNUTLS development seems more active? OpenSSL has been in a > > > frozen/mature state for a while. I don't understand why OpenSSL is still > > > labelled as 0.9.x, which might indicate alph

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Joshua D. Drake ([EMAIL PROTECTED]) wrote: > > > I do not like --with-krb5 because it has extremely limited real world > > > use. > > > > Riiigghhhttt... Only every Windows setup which uses Active Directory, > > most major universities, and certain large corporations (uh, AOL?) would > > even t

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Joshua D. Drake
> > I don't understand why this has devolved into an argument about what > people do and don't like. It's like specifically choosing a forum > that will have the most disagreement. Yep :), I say we go over to debian-general and ask why they are trying to make all these projects use GNU/TLS

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Theo Schlossnagle
On Dec 29, 2006, at 7:09 PM, Joshua D. Drake wrote: On Fri, 2006-12-29 at 18:56 -0500, Stephen Frost wrote: * Joshua D. Drake ([EMAIL PROTECTED]) wrote: On Fri, 2006-12-29 at 17:57 -0500, Robert Treat wrote: On Friday 29 December 2006 14:49, Joshua D. Drake wrote: given options like --enable

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Joshua D. Drake
> > I do not like --with-krb5 because it has extremely limited real world > > use. > > Riiigghhhttt... Only every Windows setup which uses Active Directory, > most major universities, and certain large corporations (uh, AOL?) would > even think to use something like Kerberos! I said "Extremely

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Joshua D. Drake ([EMAIL PROTECTED]) wrote: > I do not like --enable-dtrace because it is a Solaris only thing and a > waste of maintainability resources (although small). While the analysis can only be done on Solaris I feel that improvements from the analysis may be useful on other platforms. For

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Joshua D. Drake
On Fri, 2006-12-29 at 18:56 -0500, Stephen Frost wrote: > * Joshua D. Drake ([EMAIL PROTECTED]) wrote: > > On Fri, 2006-12-29 at 17:57 -0500, Robert Treat wrote: > > > On Friday 29 December 2006 14:49, Joshua D. Drake wrote: > > > given options like --enable-dtrace and --with-libedit-preferred, I d

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Joshua D. Drake ([EMAIL PROTECTED]) wrote: > On Fri, 2006-12-29 at 17:57 -0500, Robert Treat wrote: > > On Friday 29 December 2006 14:49, Joshua D. Drake wrote: > > given options like --enable-dtrace and --with-libedit-preferred, I don't > > find > > this argument compelling... > > I don't lik

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Joshua D. Drake
On Fri, 2006-12-29 at 17:57 -0500, Robert Treat wrote: > On Friday 29 December 2006 14:49, Joshua D. Drake wrote: > > > entirely. > > > > > > 4) GNUTLS development seems more active? OpenSSL has been in a > > > frozen/mature state for a while. I don't understand why OpenSSL is still > > > labelled

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Robert Treat
On Friday 29 December 2006 14:49, Joshua D. Drake wrote: > > entirely. > > > > 4) GNUTLS development seems more active? OpenSSL has been in a > > frozen/mature state for a while. I don't understand why OpenSSL is still > > labelled as 0.9.x, which might indicate alpha quality, under heavy > > devel

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Joshua D. Drake ([EMAIL PROTECTED]) wrote: > > 4) GNUTLS development seems more active? OpenSSL has been in a frozen/mature > >state for a while. I don't understand why OpenSSL is still labelled as > >0.9.x, which might indicate alpha quality, under heavy development. > > > > I don't fin

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Joshua D. Drake
> entirely. > > 4) GNUTLS development seems more active? OpenSSL has been in a frozen/mature >state for a while. I don't understand why OpenSSL is still labelled as >0.9.x, which might indicate alpha quality, under heavy development. > > I don't find the reasons too compelling - but they

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread mark
On Fri, Dec 29, 2006 at 10:32:34AM -0800, Joshua D. Drake wrote: > Currently there has not been one technical argument that is valid to > have us include GNU TLS. 1) The normal freedom that not being tied down to a single product provides. The same reason somebody might build MySQL + PostgreSQL

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Joshua D. Drake ([EMAIL PROTECTED]) wrote: > Actually everything about Debian (the project) is a political agenda. > That doesn't mean that it is invalid though. *smirk > That being said, this topic is WAY OFF-TOPIC for the discussion. The > discussion is: > > Will we accept GNU TLS. > > Cur

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* August Zajonc ([EMAIL PROTECTED]) wrote: > On 12/29/06, Stephen Frost wrote: > > In the case above, exim4 *can* provide an exception because it's the > > *GPL* of *exim4* which is being violated by the advertising clause in > > the *OpenSSL* license. Which exim4 upstream has *done*, and which ca

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Joshua D. Drake
> > Caution to the point of fantasy is a waste of resources. Caution to > > further a political agenda (not you - but the people whose opinions you > > are repeating) is exploitation. > > I don't believe Debian has any kind of political agenda in this regard. > Debian's agenda is to follow the li

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > > > Now Exim has granted an exception that gets Debian off the hook, but > > > they didn't have to do that. > > Right. If they didn't then it's conceivable that Exim could sue Debian > > for violating the GPL license. Not exactly likely to happen b

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread August Zajonc
On 12/29/06, Stephen Frost wrote: > In the case above, exim4 *can* provide an exception because it's the > *GPL* of *exim4* which is being violated by the advertising clause in > the *OpenSSL* license. Which exim4 upstream has *done*, and which can > be seen in their license (linked to previously

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread mark
> > Now Exim has granted an exception that gets Debian off the hook, but > > they didn't have to do that. > Right. If they didn't then it's conceivable that Exim could sue Debian > for violating the GPL license. Not exactly likely to happen but being > cautious it's best to get their explicit app

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Tom Lane ([EMAIL PROTECTED]) wrote: > Martijn van Oosterhout writes: > > On Fri, Dec 29, 2006 at 12:08:37AM -0500, Tom Lane wrote: > >> libjpeg, my other major open-source project, has always been shipped > >> under a BSD-ish license that includes an "advertising" clause; I quote: > >> > >> : (2

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Tom Lane
Martijn van Oosterhout writes: > On Fri, Dec 29, 2006 at 12:08:37AM -0500, Tom Lane wrote: >> libjpeg, my other major open-source project, has always been shipped >> under a BSD-ish license that includes an "advertising" clause; I quote: >> >> : (2) If only executable code is distributed, then the

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Martijn van Oosterhout (kleptog@svana.org) wrote: > On Fri, Dec 29, 2006 at 09:52:08AM -0500, [EMAIL PROTECTED] wrote: > > We're not talking about including GPL code in OpenSSL, though. This is > > about OpenSSL as the base library. The GPL cannot stipulate that a GPL > > program may only be link

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > GPL software derived from PostgreSQL must honour the restrictions defined > by the PostgreSQL (BSD) license. > > GPL software derived from OpenSSL must honour the restrictions defined > by the OpenSSL license. You're talking about GPL software as i

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Martijn van Oosterhout
On Fri, Dec 29, 2006 at 09:52:08AM -0500, [EMAIL PROTECTED] wrote: > > I think the issue revolves around the conditions that GPL stipulates > > about "linking against" libraries requiring the entire product to be > > *distributed* as GPL, even if components have differing licenses. This > > is t

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread mark
On Fri, Dec 29, 2006 at 08:31:34PM +1300, Mark Kirkwood wrote: > [EMAIL PROTECTED] wrote: > >I will try again. It is a difficult subject for many. > >GPL software derived from PostgreSQL must honour the restrictions defined > >by the PostgreSQL (BSD) license. > >GPL software derived from OpenSSL mu

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Stephen Frost
* Martijn van Oosterhout (kleptog@svana.org) wrote: > On Fri, Dec 29, 2006 at 12:08:37AM -0500, Tom Lane wrote: > > libjpeg, my other major open-source project, has always been shipped > > under a BSD-ish license that includes an "advertising" clause; I quote: > > > > : (2) If only executable code

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Martijn van Oosterhout
On Fri, Dec 29, 2006 at 12:08:37AM -0500, Tom Lane wrote: > Stephen, let me explain *exactly* why I think this is horsepucky. > > libjpeg, my other major open-source project, has always been shipped > under a BSD-ish license that includes an "advertising" clause; I quote: > > : (2) If only execut

Re: [HACKERS] TODO: GNU TLS

2006-12-29 Thread Jochem van Dieten
On 12/29/06, Stephen Frost wrote: So, Debian is distributing an application (exim4 w/ libpq & libssl) which includes GPL code (exim4) combined with code under another license (BSD w/ advertising clause) which *adds additional restrictions* (the advertising clause) over those in the GPL, which is

Re: [HACKERS] TODO: GNU TLS

2006-12-28 Thread Mark Kirkwood
[EMAIL PROTECTED] wrote: I will try again. It is a difficult subject for many. GPL software derived from PostgreSQL must honour the restrictions defined by the PostgreSQL (BSD) license. GPL software derived from OpenSSL must honour the restrictions defined by the OpenSSL license. What is the

Re: [HACKERS] TODO: GNU TLS

2006-12-28 Thread mark
On Thu, Dec 28, 2006 at 09:34:05PM -0500, Stephen Frost wrote: > * [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > > By the words you describe above, the GPL doesn't require that you > > include a copy of the PostgreSQL license either. Are you saying that > > this makes GPL incompatible with Postgre

Re: [HACKERS] TODO: GNU TLS

2006-12-28 Thread Tom Lane
Stephen Frost <[EMAIL PROTECTED]> writes: > So, Debian is distributing an application (exim4 w/ libpq & libssl) > which includes GPL code (exim4) combined with code under another license > (BSD w/ advertising clause) which *adds additional restrictions* (the > advertising clause) over those in the

Re: [HACKERS] TODO: GNU TLS

2006-12-28 Thread Stephen Frost
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > I don't see the problem. If I redistribute PostgreSQL with GPL software > that I author, I am supposed to keep a copy of the PostgreSQL license > with the derived works. Respecting the license for every component of > software is regular business. >

Re: [HACKERS] TODO: GNU TLS

2006-12-28 Thread mark
On Thu, Dec 28, 2006 at 03:56:48PM -0500, Stephen Frost wrote: > * [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > > In conclusion - I'll restate. The only license that can restrict the > > distribution of OpenSSL, is the OpenSSL license. The GPL is not relevant > > in determining where OpenSSL may
