Relaxing the need for copyright assignments

Simon Josefsson simon at
Thu Apr 12 12:12:01 CEST 2012

Werner Koch <wk at> writes:

> Hi!
> Nowadays we have wealth of crypto libraries available.  It is often
> easier to contribute to them than to Libgcrypt.  The copyright
> assignments required for Libgcrypt turned out to be a major hassle and
> thus I plan to relax the rules.
> What do you think of this:


>   Libgcrypt is currently licensed under the LGPLv2+ with tools and
>   the manual being under the GPLv2+.  We may eventually update to a
>   newer version of the license or a combination of them.  It is thus
>   important, that all contributed code allows for an update of the
>   license; thus we can't accept any code under the LGPLv2(only).

I think GPLv3+ for tools and and either GPLv3+ or GFDLv1.2+ for the
manual is fine too.

> I pondered with the idea of requiring OpenPGP signed statements but
> rejected it.  They don't gain much unless we want to establish another
> complicated procedure to check the trustworthiness of the key.  Even if
> we would do so, we will have no way to check the provenience of the
> submitted code.

Couldn't you recommend OpenPGP signed statements, at least?


More information about the Gcrypt-devel mailing list