Announcement

**uid313** · 07 September 2021, 09:49 AM

But is it secure?

Great that they ditched their vanity OpenSSL license in favor of the more established Apache License.
Now if only Python, PHP and PostgreSQL could do the same.

**orzel** · 07 September 2021, 10:12 AM

What's a clinet ?

**fanbelt** · 07 September 2021, 10:44 AM

Too bad they didn't pick something GPLv2 compatible like BSD+Patent. It would be great if a 3-clause BSD+Patent license gets approved by the OSI. I think it would be favored over Apache 2.0 since the vast majority of people only use it as a BSD-3+Patent license anyways.

**sinepgib** · 07 September 2021, 10:53 AM

Originally posted by orzel View Post

What's a clinet ?

A typo for "client" I believe.

**orzel** · 07 September 2021, 11:03 AM

Originally posted by sinepgib View Post

A typo for "client" I believe.

Dang, you probably right.
That and double citing of "support for kernel TLS", could use some proofreading

**jabl** · 07 September 2021, 11:22 AM

Originally posted by fanbelt View Post

Too bad they didn't pick something GPLv2 compatible like BSD+Patent. It would be great if a 3-clause BSD+Patent license gets approved by the OSI. I think it would be favored over Apache 2.0 since the vast majority of people only use it as a BSD-3+Patent license anyways.

There's also the LLVM exception for the Apache 2.0 license: https://spdx.org/licenses/LLVM-exception.html . Used by at least LLVM and CUPS.

That gives GPLv2 compatibility while keeping the Apache 2.0 that corporate lawyers seem to like.

**ssokolow** · 07 September 2021, 11:23 AM

Originally posted by fanbelt View Post

Too bad they didn't pick something GPLv2 compatible like BSD+Patent. It would be great if a 3-clause BSD+Patent license gets approved by the OSI. I think it would be favored over Apache 2.0 since the vast majority of people only use it as a BSD-3+Patent license anyways.

I don't think a BSD+Patent license that's compatible with the GPLv2 is possible because the patent-related requirements, being not present in the GPLv2, would count as additional restrictions and thus inherently GPLv2-incompatible.

The LLVM exception is sort of a grey area since it's effectively saying "if courts deem that the patent rules are incompatible with the GPLv2, then you may ignore them when redistributing this code as part of a larger GPLv2 work"... so I have trouble seeing how it's significantly different from just releasing something under "Apache-2.0 OR GPL-2.0" terms.

Hell, the Rust ecosystem uses "Apache-2.0 OR MIT" because, as long as you care about getting your changes upstreamed, it has the same effect, patent-wise.

**Vistaus** · 07 September 2021, 11:24 AM

Originally posted by orzel View Post

What's a clinet ?

A wine brand. I guess they need security too in order to prevent outsiders from stealing their wine-making process

**sinepgib** · 07 September 2021, 11:37 AM

Originally posted by orzel View Post

Dang, you probably right.
That and double citing of "support for kernel TLS", could use some proofreading

That's not a half bad idea TBH. Maybe Michael could give someone a premium account in exchange or something.

Originally posted by Vistaus View Post

A wine brand. I guess they need security too in order to prevent outsiders from stealing their wine-making process

In my country there was a time where someone tainted a batch of wine with methanol, blinding and killing several people before anybody realized it. So yeah, they need security too

Announcement

OpenSSL 3.0 Officially Released

OpenSSL 3.0 Officially Released

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment