Better proxy support available via libcurl?

David Shaw dshaw at
Thu Aug 3 15:08:28 CEST 2006

On Thu, Aug 03, 2006 at 11:11:44AM +0200, Werner Koch wrote:
> On Wed,  2 Aug 2006 21:18, David Shaw said:
> > A thought: why not just put an exception in for OpenSSL?  That's what
> > Wget did, and it's a Gnu project as well:
> I don't like these exceptions for practical reasons.  Take Sylpheed as
> an example.  There the OpenSSL exception is also stated.  However
> there are a couple of problems:
> * It has been added without asking all contributors.  For example I
>   have never been asked despite that I did quite some work on
>   Sylpheed.
> * Sylpheed links to a couple of libraries which are (or used to be)
>   GPL.  Thus they would have needed to negotiate with all authors to
>   agree on this exception.  One GPL part not coming with this
>   exception renders the whole exception pointless.
> * To make real use of this exception most of the GPL software would
>   end up with this exception.  Hmmm, it is called an exception for a
>   reason.

These are good objections, but I don't know how well they apply in the
GPG case.  Judging by the ChangeLogs, GPG (at least 1.4.x) does not
have that many authors.  Even that doesn't matter because if the goal
is to allow linking with sub-dependencies of OpenLDAP and libcurl,
we're only talking about the contents of the keyserver directory.  In
the keyserver directory, you really only need permission from one
author, and I would give it.

How about a license exception (or just LGPL) for gpgkeys_ldap,
gpgkeys_curl, and gpgkeys_hkp?  They're separate programs that
communicate via pipes (the classic example of the barrier that the GPL
does not cross).  Their licensing need not be the same as the gpg

> BTW, I don't understand why everyone insists on OpenSSL instead of
> thinking of other libs.  cryptlib seems to be a much more reliable
> implementaion than what most people are using these days.

At least for GPG, I suspect most people won't care (or even notice)
whether it is OpenSSL or something else.  They just want to be able to
build the software and use keyservers.  If that happens through
OpenSSL, great.  If that happens through GnuTLS, also great.


More information about the Gnupg-devel mailing list