gpgme license

[Marcus Brinkmann]

On Tue, Jul 16, 2002 at 11:47:53AM -0400, marius aamodt eriksen wrote:
> * Marcus Brinkmann <brinkmd at klecker.debian.org> [020716 07:40]:
> 
> > There are two versions of the BSD license, the older one which has
> > the obnoxious advertisement clause and which is incompatible with
> > the GPL.  If gzsig has this license only, and not a better one, it
> > is incompatible with gpgme's license.
> 
> i am well aware of the credits/advertisements clause.  it is not part
> of gzsig's license.

That is good.
 
> > At some time, the university of Berkeley reconsidered their stance
> > and and relicensed all their software to be under a new license,
> > which is the BSD license with the advertising clause removed.  This
> > license is then known under the name "modified BSD license" and
> > qualifies as a GPL-compatible free software license.  If gzsig is
> > under this license, you can comine it with GPGME.  Please note that
> > the resulting combined work will be subject to the conditions of the
> > GPL, because it is the more restrictive license of the two.  If
> > GPGME were licensed under the LGPL, proprietary software could
> > include it without becoming less proprietary.  As GPGME is the only
> > program that makes it so easy to include cryptography into an
> > application, this would give those proprietary programs an advantage
> > without giving the free software community a bigger advantage in
> > return.  Would you really like that?
> 
> yes, when i write code i want people to use it.  i want it to be
> useful, new technology, and therefore i don't mind if large companies
> use my code in properietary software.

It will be useful, new technology even without being used in proprietary
software.  It can be used if it is under a copyleft license, too, just not
under a license that tries to take away freedom from the people.

> as for easy-to-include cryptography, do remember openssl with their
> libcrypto.  it has become quite polished and easy to use.  openssl is
> dual licensed, and both of them are BSD style.  so i don't think
> anyone is getting an advantage like you claim.  gzsig uses openssl's
> digital signature mechanisms for both DSA and RSA signatures, but it
> lacked PGP support which i found handy.

You say that people can use libcrypto instead of gpgme, but in the next
sentence you say that libcrypto does not do the same job as GPGME.  I don't
understand the logic in that.  GPGME supports OpenPGP and CMS with the same
interface.

Bottom line of this discussion is that gzsig and gpgme can be combined into
a single program, which is then copylefted free software.  There is no need
to LGPL GPGME to achieve this.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' GNU      http://www.gnu.org    marcus at gnu.org
Marcus Brinkmann              The Hurd http://www.gnu.org/software/hurd/
Marcus.Brinkmann at ruhr-uni-bochum.de
http://www.marcus-brinkmann.de/