Can we use GNUPG with PGP for commercial use

mlb at imparisystems.com mlb at imparisystems.com
Thu Jun 17 21:07:49 CEST 2010 

On Thu, 17 Jun 2010 19:51:38 +0200, Joke de Buhr <joke at seiken.de> wrote:
> On Thursday 17 June 2010 19:00:21 Daniel Kahn Gillmor wrote:
>> On 06/17/2010 12:45 PM, Joke de Buhr wrote:
>> > Unlike PGP GnuPG is a non-commercial tool. There is no warranty. You
>> > can't sue anyone if GnuPG does not do what it's supposed to do.
>> 
>> If your goal is to be able to sue someone over proprietary software, i
>> strongly advise you to read the relevant EULA first:
>> 
>>  http://www.pgp.com/products/eula.html
>> 
>> section 9 in particular is illuminating about the scope and duration of
>> whatever minimal warranty you get from having purchased a license.
> 
> As far as I remember the software needs to do mostly what it's supposed
to
> do. 
> It should do at least some kind of encryption and start without
> segfaulting. 
> And advertised features need to be included and working.
> 
> In Germany some court ruled what certain parts of EULAs do not even
apply.
> And if you're legal region is the USA there might be a possibility you
can
> sue 
> PGP if the color of their icons is to bright and you get blinded.
> 
> Nevertheless legal departments of companies like to work with over
> companies 
> just to pretend there is someone who can be sued. And project managers
> like 
> know what support hotline to phone if something went wrong.
>  

I've bought software at companies like MCI, IBM and a couple of others. 
They just care if there's a contract and the contract is legal - meaning
"I'm paying for software "X" and you're going to deliver it this way" or
"You're going to come and install this software and it's going to work as
you advertised or you will refund our money".  I'm working for more and
more companies that are getting open source software - not just OS's, but
things like KnowledgeTree, Alfresco and Pentaho.

I work and live in the United States and I'm not going to even guess about
any other country and their laws.

Certainly, if you work for someone who doesn't like open source - you'll
get every kind of excuse from Monday and their arguments are all about as
reasonable as a schizophrenic homeless person could offer up.

Basically, companies are all about making money and at some point somebody
will realize that they can get Pentaho BI or Talend up and running for
about 1/10th the price of some Oracle solution and they'll take the risk
for the cash.

My humble opinion....

>> > If you need commercial support and liability stick to PGP and pay for
>> > it.
>> 
>> If you need commercial support, there is no reason to avoid free
>> software.  Several companies offer commercial support for GnuPG:
>> 
>>   http://www.gnupg.org/service.en.html
>> 
>> Please don't spread the false idea that only proprietary software is
>> available with commercial support.
>> 
>> Regards,
>> 
>> 	--dkg

More information about the Gnupg-users mailing list