Re: [Savannah-hackers-public] openssl license

[Sylvain Beucler]

> OTOH, the growing or diminishing number of $foo at $distro is not a
> solid base of any sensible conclusions.

I do think that a vast majority of people don't compile their software
and get it packaged. Which means the availability of a package in a
distro is critical. E.g. the replacement of 'cdrecord' by 'wodim' in
all major distros certainly has an impact on those 2 projects.

In addition, given the size of the Debian packages repository (> 25000
free packages), stats are relevant, and it gives a good overview of
the free software ecosystem. Didn't the FSF use stats against the
gNewSense packages set to claim that the majority of free software
projects use the GNU GPL?

Anyway, my aim though was essentially pointing at 'libcurl3-gnutls' or
'libneon27-gnutls' which means GPL projects can use libcurl or libneon
*with* SSL enabled without problem. I probably should have looked at
the projects homepages to see if this was an upstream (development) or
downstream (linking) improvement :)


> > This won't continue if we don't even mention the GnuTLS project -
> 
> I think there's misunderstanding here -- I was answering to Nicodemo
> only, not to the project submitter.  Certainly, I agree that GnuTLS
> should be mentioned as an (recommended) alternative in such
> situations,

OK, I had read something like "I omitted GnuTLS on purpose" and
couldn't let this one fly :p


> but there should be no reason to reject a project on the
> basis that it links against OpenSSL (provided that the exception is in
> place, and is valid taking into account other runtime dependencies, of
> course).  IMVHO.

Note that it's still preventing the project from using GPL'd
libraries, hence enticing submitters to request LGPL'd or BSD'd
replacements.  So I think GnuTLS needs to be recommended in all
situations.

-- 
Sylvain